[11/Nov/2021:01:16:22 +0100] 35.195.93.98 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 301
[11/Nov/2021:01:24:02 +0100] 138.246.253.24 TLSv1.2 AES256-SHA "GET /robots.txt HTTP/1.1" 393
[11/Nov/2021:01:24:39 +0100] 54.201.196.140 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 295
[11/Nov/2021:01:25:02 +0100] 54.185.84.217 TLSv1.2 AES256-SHA "GET /favicon.ico HTTP/1.1" 302
[11/Nov/2021:03:09:51 +0100] 178.239.21.162 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET ///remote/fgt_lang?lang=/../../../..//////////dev/ HTTP/1.1" 325
[11/Nov/2021:04:55:52 +0100] 131.220.6.152 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 295
[11/Nov/2021:05:01:18 +0100] 103.203.57.29 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[11/Nov/2021:06:44:42 +0100] 157.55.39.34 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 304
[11/Nov/2021:08:44:25 +0100] 192.241.209.74 TLSv1.2 AES256-SHA "GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.exporttool.application HTTP/1.1" 348
[11/Nov/2021:09:57:52 +0100] 213.164.204.146 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[11/Nov/2021:09:58:03 +0100] 23.129.64.211 TLSv1.2 AES256-SHA "GET /favicon.ico HTTP/1.1" 309
[11/Nov/2021:09:58:04 +0100] 20.197.177.101 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 383
[11/Nov/2021:10:21:29 +0100] 185.180.143.8 TLSv1.2 DHE-RSA-AES256-SHA256 "GET / HTTP/1.1" 301
[11/Nov/2021:12:00:12 +0100] 109.237.103.118 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.env HTTP/1.1" 304
[11/Nov/2021:12:00:13 +0100] 109.237.103.118 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /.env HTTP/1.1" 304
[11/Nov/2021:12:03:27 +0100] 64.62.197.62 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 383
[11/Nov/2021:13:21:29 +0100] 45.146.164.110 TLSv1.2 AES256-SHA "POST /api/jsonws/invoke HTTP/1.1" 314
[11/Nov/2021:13:21:29 +0100] 45.146.164.110 TLSv1.2 AES256-SHA "POST /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1" 331
[11/Nov/2021:13:21:30 +0100] 45.146.164.110 TLSv1.2 AES256-SHA "GET /index.php?s=/Index/\\think\\app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1][]=HelloThinkPHP21 HTTP/1.1" 390
[11/Nov/2021:13:21:31 +0100] 45.146.164.110 TLSv1.2 AES256-SHA "POST /mifs/.;/services/LogService HTTP/1.1" 318
[11/Nov/2021:13:21:33 +0100] 45.146.164.110 TLSv1.2 AES256-SHA "GET /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1" 331
[11/Nov/2021:13:21:33 +0100] 45.146.164.110 TLSv1.2 AES256-SHA "GET /wp-content/plugins/wp-file-manager/readme.txt HTTP/1.1" 332
[11/Nov/2021:13:21:35 +0100] 45.146.164.110 TLSv1.2 AES256-SHA "GET /console/ HTTP/1.1" 307
[11/Nov/2021:13:21:36 +0100] 45.146.164.110 TLSv1.2 AES256-SHA "POST /cgi-bin/.%2e/.%2e/.%2e/.%2e/bin/sh HTTP/1.1" 293
[11/Nov/2021:13:21:41 +0100] 45.146.164.110 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[11/Nov/2021:13:21:45 +0100] 45.146.164.110 TLSv1.2 AES256-SHA "POST /Autodiscover/Autodiscover.xml HTTP/1.1" 315
[11/Nov/2021:13:21:46 +0100] 45.146.164.110 TLSv1.2 AES256-SHA "GET /_ignition/execute-solution HTTP/1.1" 319
[11/Nov/2021:13:21:47 +0100] 45.146.164.110 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[11/Nov/2021:13:21:47 +0100] 45.146.164.110 TLSv1.2 AES256-SHA "GET /?XDEBUG_SESSION_START=phpstorm HTTP/1.1" 327
[11/Nov/2021:13:21:49 +0100] 45.146.164.110 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[11/Nov/2021:13:37:09 +0100] 119.61.0.140 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 383
[11/Nov/2021:14:17:15 +0100] 45.155.204.227 TLSv1.2 AES256-SHA "GET /autodiscover/autodiscover.json?@evil.corp/ews/exchange.asmx?&Email=autodiscover/autodiscover.json%3F@evil.corp HTTP/1.1" 362
[11/Nov/2021:15:11:31 +0100] 192.241.209.12 TLSv1.2 AES256-SHA "GET /owa/auth/logon.aspx?url=https%3a%2f%2f1%2fecp%2f HTTP/1.1" 335
[11/Nov/2021:16:17:30 +0100] 165.154.44.158 TLSv1.2 AES256-SHA "GET / HTTP/1.0" 383
[11/Nov/2021:16:25:55 +0100] 77.76.70.89 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 379
[11/Nov/2021:17:27:42 +0100] 18.206.174.130 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /wp-login.php HTTP/1.1" 409
[11/Nov/2021:17:27:42 +0100] 18.206.174.130 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /wp-login.php HTTP/1.1" 410
[11/Nov/2021:18:18:51 +0100] 212.71.235.168 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 301
[11/Nov/2021:18:56:45 +0100] 18.191.29.53 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.env HTTP/1.1" 304
[11/Nov/2021:18:56:45 +0100] 18.191.29.53 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST / HTTP/1.1" 301
[11/Nov/2021:20:07:42 +0100] 125.64.94.144 TLSv1.2 AES256-SHA "GET / HTTP/1.0" 388
[11/Nov/2021:20:07:43 +0100] 125.64.94.144 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[11/Nov/2021:20:07:44 +0100] 125.64.94.144 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[11/Nov/2021:20:07:46 +0100] 125.64.94.144 TLSv1.2 AES256-SHA "GET /favicon.ico HTTP/1.1" 309
[11/Nov/2021:20:07:47 +0100] 125.64.94.144 TLSv1.2 AES256-SHA "GET /favicon.ico/ HTTP/1.1" 309
[11/Nov/2021:20:07:48 +0100] 125.64.94.144 TLSv1.2 AES256-SHA "GET /robots.txt HTTP/1.1" 308
[11/Nov/2021:20:07:49 +0100] 125.64.94.144 TLSv1.2 AES256-SHA "GET /robots.txt/ HTTP/1.1" 309
[11/Nov/2021:20:07:51 +0100] 125.64.94.144 TLSv1.2 AES256-SHA "GET /.well-known/security.txt HTTP/1.1" 319
[11/Nov/2021:20:07:52 +0100] 125.64.94.144 TLSv1.2 AES256-SHA "GET /.well-known/security.txt/ HTTP/1.1" 319
[11/Nov/2021:20:30:14 +0100] 3.82.36.189 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /wp-login.php HTTP/1.1" 393
[11/Nov/2021:22:06:04 +0100] 54.202.145.66 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 307
[11/Nov/2021:22:06:26 +0100] 35.166.75.30 TLSv1.2 AES256-SHA "GET /favicon.ico HTTP/1.1" 314
[11/Nov/2021:22:06:31 +0100] 35.166.75.30 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 307
[11/Nov/2021:22:07:30 +0100] 157.55.39.34 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 304
[12/Nov/2021:00:26:37 +0100] 54.187.113.103 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 306
[12/Nov/2021:00:27:08 +0100] 52.43.105.82 TLSv1.2 AES256-SHA "GET /favicon.ico HTTP/1.1" 313
[12/Nov/2021:00:27:14 +0100] 52.43.105.82 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 306