[07/Nov/2021:01:34:05 +0100] 35.167.61.74 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 306
[07/Nov/2021:01:34:49 +0100] 34.210.195.131 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 295
[07/Nov/2021:01:34:58 +0100] 34.211.228.194 TLSv1.2 AES256-SHA "GET /favicon.ico HTTP/1.1" 313
[07/Nov/2021:01:35:01 +0100] 34.211.228.194 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 306
[07/Nov/2021:01:35:39 +0100] 35.85.216.159 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 295
[07/Nov/2021:01:38:34 +0100] 45.146.164.110 TLSv1.2 AES256-SHA "POST /api/jsonws/invoke HTTP/1.1" 314
[07/Nov/2021:01:38:34 +0100] 45.146.164.110 TLSv1.2 AES256-SHA "POST /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1" 331
[07/Nov/2021:01:38:34 +0100] 45.146.164.110 TLSv1.2 AES256-SHA "GET /?XDEBUG_SESSION_START=phpstorm HTTP/1.1" 327
[07/Nov/2021:01:38:35 +0100] 45.146.164.110 TLSv1.2 AES256-SHA "GET /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1" 331
[07/Nov/2021:01:38:38 +0100] 45.146.164.110 TLSv1.2 AES256-SHA "POST /Autodiscover/Autodiscover.xml HTTP/1.1" 315
[07/Nov/2021:01:38:40 +0100] 45.146.164.110 TLSv1.2 AES256-SHA "GET /_ignition/execute-solution HTTP/1.1" 319
[07/Nov/2021:01:38:40 +0100] 45.146.164.110 TLSv1.2 AES256-SHA "POST /mifs/.;/services/LogService HTTP/1.1" 318
[07/Nov/2021:01:38:43 +0100] 45.146.164.110 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[07/Nov/2021:01:38:44 +0100] 45.146.164.110 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[07/Nov/2021:01:38:47 +0100] 45.146.164.110 TLSv1.2 AES256-SHA "POST /cgi-bin/.%2e/.%2e/.%2e/.%2e/bin/sh HTTP/1.1" 293
[07/Nov/2021:01:38:47 +0100] 45.146.164.110 TLSv1.2 AES256-SHA "GET /index.php?s=/Index/\\think\\app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1][]=HelloThinkPHP21 HTTP/1.1" 390
[07/Nov/2021:01:38:47 +0100] 45.146.164.110 TLSv1.2 AES256-SHA "GET /wp-content/plugins/wp-file-manager/readme.txt HTTP/1.1" 332
[07/Nov/2021:01:38:47 +0100] 45.146.164.110 TLSv1.2 AES256-SHA "GET /console/ HTTP/1.1" 307
[07/Nov/2021:01:38:51 +0100] 45.146.164.110 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[07/Nov/2021:02:50:52 +0100] 51.222.253.1 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /robots.txt HTTP/1.1" 304
[07/Nov/2021:02:50:54 +0100] 54.36.149.19 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 297
[07/Nov/2021:02:58:40 +0100] 162.221.192.26 TLSv1.2 DHE-RSA-AES256-SHA256 "GET / HTTP/1.1" 301
[07/Nov/2021:03:34:31 +0100] 192.241.205.162 TLSv1.2 AES256-SHA "GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.exporttool.application HTTP/1.1" 348
[07/Nov/2021:04:51:18 +0100] 184.105.247.196 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 383
[07/Nov/2021:04:52:28 +0100] 131.220.6.152 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 295
[07/Nov/2021:04:54:50 +0100] 163.172.212.155 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[07/Nov/2021:04:54:56 +0100] 163.172.212.155 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[07/Nov/2021:05:24:29 +0100] 2.57.122.23 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[07/Nov/2021:05:24:29 +0100] 2.57.122.23 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 307
[07/Nov/2021:06:05:39 +0100] 103.203.57.29 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[07/Nov/2021:06:45:15 +0100] 159.89.13.215 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[07/Nov/2021:07:34:07 +0100] 185.65.134.167 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /autodiscover/autodiscover.json?@test.com/owa/?&Email=autodiscover/autodiscover.json%3F@test.com HTTP/1.1" 349
[07/Nov/2021:07:55:57 +0100] 51.222.253.4 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /robots.txt HTTP/1.1" 302
[07/Nov/2021:07:55:59 +0100] 54.36.149.63 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 295
[07/Nov/2021:08:09:16 +0100] 198.199.104.235 TLSv1.2 AES256-SHA "GET /owa/auth/x.js HTTP/1.1" 310
[07/Nov/2021:08:12:59 +0100] 192.241.193.131 TLSv1.2 AES256-SHA "GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.exporttool.application HTTP/1.1" 348
[07/Nov/2021:08:13:18 +0100] 192.241.205.35 TLSv1.2 AES256-SHA "GET /owa/auth/logon.aspx HTTP/1.1" 314
[07/Nov/2021:08:56:54 +0100] 157.55.39.18 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 304
[07/Nov/2021:10:53:34 +0100] 192.241.208.101 TLSv1.2 AES256-SHA "GET /actuator/health HTTP/1.1" 310
[07/Nov/2021:10:57:15 +0100] 182.161.66.103 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 301
[07/Nov/2021:11:57:58 +0100] 178.239.21.102 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET ///libs/js/iframe.js HTTP/1.1" 313
[07/Nov/2021:13:16:21 +0100] 162.221.192.26 TLSv1.2 DHE-RSA-AES256-SHA256 "GET / HTTP/1.1" 301
[07/Nov/2021:13:50:46 +0100] 139.162.145.250 TLSv1.2 AES256-SHA "GET /bag2 HTTP/1.1" 304
[07/Nov/2021:14:26:55 +0100] 198.199.112.175 TLSv1.2 AES256-SHA "GET /owa/auth/logon.aspx?url=https%3a%2f%2f1%2fecp%2f HTTP/1.1" 335
[07/Nov/2021:16:13:18 +0100] 64.225.72.132 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[07/Nov/2021:16:14:41 +0100] 154.209.125.21 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 383
[07/Nov/2021:16:23:36 +0100] 192.241.200.89 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[07/Nov/2021:16:39:56 +0100] 128.14.134.134 TLSv1.2 DHE-RSA-AES256-SHA256 "GET /owa/ HTTP/1.1" 304
[07/Nov/2021:17:34:39 +0100] 185.40.4.70 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET //a2billing/customer/templates/default/footer.tpl HTTP/1.1" 333
[07/Nov/2021:18:08:05 +0100] 23.251.102.74 TLSv1.2 DHE-RSA-AES256-SHA256 "GET / HTTP/1.1" 301
[07/Nov/2021:18:08:20 +0100] 23.251.102.74 TLSv1.2 DHE-RSA-AES256-SHA256 "GET /webfig/ HTTP/1.1" 307
[07/Nov/2021:18:38:35 +0100] 103.206.245.77 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 383
[07/Nov/2021:19:08:26 +0100] 45.155.204.227 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /autodiscover/autodiscover.json?@evil.corp/ews/exchange.asmx?&Email=autodiscover/autodiscover.json%3F@evil.corp HTTP/1.1" 362
[07/Nov/2021:19:18:46 +0100] 157.55.39.49 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /robots.txt HTTP/1.1" 311
[07/Nov/2021:19:18:48 +0100] 157.55.39.49 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /robots.txt HTTP/1.1" 311
[07/Nov/2021:19:20:00 +0100] 157.55.39.18 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 304
[07/Nov/2021:19:42:34 +0100] 80.66.88.100 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 301
[07/Nov/2021:20:41:09 +0100] 208.100.26.233 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 297
[07/Nov/2021:21:34:47 +0100] 35.161.26.115 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 307
[07/Nov/2021:21:35:11 +0100] 54.184.69.200 TLSv1.2 AES256-SHA "GET /favicon.ico HTTP/1.1" 314
[07/Nov/2021:22:06:57 +0100] 185.56.80.65 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[07/Nov/2021:22:07:46 +0100] 185.220.101.34 TLSv1.2 AES256-SHA "GET /favicon.ico HTTP/1.1" 309
[07/Nov/2021:22:28:30 +0100] 54.71.140.88 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 307
[07/Nov/2021:22:38:14 +0100] 52.11.138.228 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 307
[07/Nov/2021:22:38:41 +0100] 18.237.110.75 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 307
[08/Nov/2021:00:19:39 +0100] 195.133.20.99 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 295
[08/Nov/2021:00:48:15 +0100] 54.214.80.185 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 306
[08/Nov/2021:00:48:26 +0100] 18.236.231.120 TLSv1.2 AES256-SHA "GET /favicon.ico HTTP/1.1" 313