[01/Feb/2022:01:20:40 +0100] 193.118.53.194 TLSv1.2 DHE-RSA-AES256-SHA256 "GET /owa/ HTTP/1.1" 304
[01/Feb/2022:03:11:02 +0100] 45.146.165.37 TLSv1.2 AES256-SHA "GET /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1" 331
[01/Feb/2022:03:22:16 +0100] 40.77.167.97 TLSv1.2 AES256-SHA "GET /robots.txt HTTP/1.1" 311
[01/Feb/2022:03:22:17 +0100] 40.77.167.97 TLSv1.2 AES256-SHA "GET /robots.txt HTTP/1.1" 311
[01/Feb/2022:03:22:26 +0100] 157.55.39.143 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 304
[01/Feb/2022:04:09:01 +0100] 45.146.165.37 TLSv1.2 AES256-SHA "GET /index.php?s=/Index/\\think\\app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1][]=HelloThinkPHP21 HTTP/1.1" 390
[01/Feb/2022:04:31:08 +0100] 54.219.38.77 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /owa/auth/logon.aspx HTTP/1.1" 402
[01/Feb/2022:04:46:44 +0100] 60.217.75.69 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[01/Feb/2022:04:52:19 +0100] 167.248.133.120 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 383
[01/Feb/2022:04:52:19 +0100] 167.248.133.120 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[01/Feb/2022:04:55:50 +0100] 131.220.6.152 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 295
[01/Feb/2022:05:19:13 +0100] 45.146.165.37 TLSv1.2 AES256-SHA "GET /?XDEBUG_SESSION_START=phpstorm HTTP/1.1" 327
[01/Feb/2022:06:11:49 +0100] 43.130.10.173 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 500
[01/Feb/2022:06:12:17 +0100] 209.141.41.193 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[01/Feb/2022:06:12:20 +0100] 205.185.117.203 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[01/Feb/2022:06:12:26 +0100] 205.185.117.203 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[01/Feb/2022:06:12:30 +0100] 209.141.36.112 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[01/Feb/2022:06:12:38 +0100] 103.114.158.1 TLSv1.2 AES256-SHA "GET /favicon.ico HTTP/1.1" 308
[01/Feb/2022:06:12:41 +0100] 8.31.2.94 TLSv1.2 AES256-SHA "GET /favicon.ico HTTP/1.1" 309
[01/Feb/2022:06:25:23 +0100] 44.242.173.7 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "HEAD /epa/scripts/win/nsepa_setup.exe HTTP/1.1" -
[01/Feb/2022:06:31:39 +0100] 185.189.182.234 TLSv1.2 AES256-SHA "GET /hVEY HTTP/1.1" 379
[01/Feb/2022:07:11:04 +0100] 192.241.213.20 TLSv1.2 AES256-SHA "GET /actuator/health HTTP/1.1" 310
[01/Feb/2022:07:11:14 +0100] 45.146.165.37 TLSv1.2 AES256-SHA "GET /console/ HTTP/1.1" 307
[01/Feb/2022:07:16:11 +0100] 130.211.54.158 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 301
[01/Feb/2022:07:48:52 +0100] 216.218.206.69 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 383
[01/Feb/2022:08:05:12 +0100] 45.146.165.37 TLSv1.2 AES256-SHA "POST /Autodiscover/Autodiscover.xml HTTP/1.1" 315
[01/Feb/2022:08:06:12 +0100] 128.14.209.162 TLSv1.2 DHE-RSA-AES256-SHA256 "GET / HTTP/1.1" 301
[01/Feb/2022:08:06:14 +0100] 128.14.209.162 TLSv1.2 DHE-RSA-AES256-SHA256 "GET /webfig/ HTTP/1.1" 307
[01/Feb/2022:08:14:57 +0100] 71.6.232.7 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[01/Feb/2022:08:40:51 +0100] 45.146.165.37 TLSv1.2 AES256-SHA "GET /_ignition/execute-solution HTTP/1.1" 319
[01/Feb/2022:09:29:39 +0100] 45.146.165.37 TLSv1.2 AES256-SHA "-" -
[01/Feb/2022:10:26:11 +0100] 192.241.209.122 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[01/Feb/2022:10:32:51 +0100] 45.146.165.37 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[01/Feb/2022:10:44:32 +0100] 45.146.165.37 TLSv1.2 AES256-SHA "POST /cgi-bin/.%2e/.%2e/.%2e/.%2e/bin/sh HTTP/1.1" 293
[01/Feb/2022:11:43:12 +0100] 45.146.165.37 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[01/Feb/2022:12:34:59 +0100] 35.195.95.231 TLSv1.2 AES256-SHA "GET /assets/js/quickblox/config.js HTTP/1.1" 324
[01/Feb/2022:12:57:59 +0100] 193.118.53.194 TLSv1.2 DHE-RSA-AES256-SHA256 "GET / HTTP/1.1" 301
[01/Feb/2022:13:01:21 +0100] 40.77.167.97 TLSv1.2 AES256-SHA "GET /robots.txt HTTP/1.1" 311
[01/Feb/2022:13:01:22 +0100] 40.77.167.97 TLSv1.2 AES256-SHA "GET /robots.txt HTTP/1.1" 311
[01/Feb/2022:13:01:32 +0100] 157.55.39.143 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 304
[01/Feb/2022:14:15:48 +0100] 178.239.21.164 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET ///admin/config.php HTTP/1.1" 313
[01/Feb/2022:14:23:07 +0100] 208.100.26.237 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 298
[01/Feb/2022:15:34:03 +0100] 161.35.188.242 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 379
[01/Feb/2022:15:34:31 +0100] 161.35.188.242 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 383
[01/Feb/2022:15:34:32 +0100] 161.35.188.242 TLSv1.2 AES256-SHA "GET /cgi-bin/.%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/hosts HTTP/1.1" 293
[01/Feb/2022:15:34:33 +0100] 161.35.188.242 TLSv1.2 AES256-SHA "GET /.DS_Store HTTP/1.1" 307
[01/Feb/2022:15:34:34 +0100] 161.35.188.242 TLSv1.2 AES256-SHA "GET /favicon.ico HTTP/1.1" 309
[01/Feb/2022:15:34:34 +0100] 161.35.188.242 TLSv1.2 AES256-SHA "GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.exporttool.application HTTP/1.1" 348
[01/Feb/2022:15:34:36 +0100] 43.153.10.221 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 500
[01/Feb/2022:15:35:11 +0100] 205.185.122.184 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[01/Feb/2022:15:35:14 +0100] 8.31.2.109 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[01/Feb/2022:15:35:24 +0100] 205.185.117.203 TLSv1.2 AES256-SHA "GET /favicon.ico HTTP/1.1" 309
[01/Feb/2022:15:35:28 +0100] 209.141.42.155 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[01/Feb/2022:15:35:30 +0100] 209.141.36.231 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[01/Feb/2022:15:35:39 +0100] 205.185.122.184 TLSv1.2 AES256-SHA "GET /favicon.ico HTTP/1.1" 308
[01/Feb/2022:15:35:47 +0100] 101.227.1.196 TLSv1.2 AES256-SHA "-" -
[01/Feb/2022:16:24:24 +0100] 23.250.19.242 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 383
[01/Feb/2022:16:24:56 +0100] 23.250.19.242 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "" 379
[01/Feb/2022:16:24:56 +0100] 23.250.19.242 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "" 379
[01/Feb/2022:16:24:56 +0100] 23.250.19.242 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "" 379
[01/Feb/2022:16:25:00 +0100] 23.250.19.242 TLSv1.2 AES256-SHA "quit" 379
[01/Feb/2022:16:25:00 +0100] 23.250.19.242 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /robots.txt HTTP/1.1" 393
[01/Feb/2022:16:25:01 +0100] 23.250.19.242 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /sitemap.xml HTTP/1.1" 394
[01/Feb/2022:16:25:01 +0100] 23.250.19.242 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.well-known/security.txt HTTP/1.1" 407
[01/Feb/2022:16:25:02 +0100] 23.250.19.242 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /favicon.ico HTTP/1.1" 309
[01/Feb/2022:16:25:17 +0100] 23.250.19.242 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "" 379
[01/Feb/2022:16:27:30 +0100] 221.130.37.157 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 385
[01/Feb/2022:16:52:35 +0100] 35.195.198.105 TLSv1.2 AES256-SHA "GET /assets/js/quickblox/config.js HTTP/1.1" 324
[01/Feb/2022:16:57:34 +0100] 23.251.102.74 TLSv1.2 DHE-RSA-AES256-SHA256 "GET /solr/ HTTP/1.1" 304
[01/Feb/2022:16:59:25 +0100] 34.77.162.21 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 394
[01/Feb/2022:17:33:20 +0100] 167.94.138.46 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 383
[01/Feb/2022:17:33:20 +0100] 167.94.138.46 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[01/Feb/2022:17:50:45 +0100] 128.199.127.143 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.env HTTP/1.1" 313
[01/Feb/2022:17:50:48 +0100] 128.199.127.143 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /vendor/.env HTTP/1.1" 317
[01/Feb/2022:17:50:50 +0100] 128.199.127.143 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /storage/.env HTTP/1.1" 318
[01/Feb/2022:17:50:52 +0100] 128.199.127.143 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /public/.env HTTP/1.1" 318
[01/Feb/2022:17:50:55 +0100] 128.199.127.143 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /info.php HTTP/1.1" 316
[01/Feb/2022:17:50:57 +0100] 128.199.127.143 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /phpinfo.php HTTP/1.1" 318
[01/Feb/2022:17:50:59 +0100] 128.199.127.143 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /info HTTP/1.1" 313
[01/Feb/2022:17:51:01 +0100] 128.199.127.143 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST / HTTP/1.1" 311
[01/Feb/2022:17:51:18 +0100] 128.199.127.143 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.env HTTP/1.1" 307
[01/Feb/2022:17:51:20 +0100] 128.199.127.143 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /vendor/.env HTTP/1.1" 311
[01/Feb/2022:17:51:22 +0100] 128.199.127.143 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /storage/.env HTTP/1.1" 312
[01/Feb/2022:17:51:24 +0100] 128.199.127.143 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /public/.env HTTP/1.1" 312
[01/Feb/2022:17:51:27 +0100] 128.199.127.143 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /info.php HTTP/1.1" 310
[01/Feb/2022:17:51:29 +0100] 128.199.127.143 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /phpinfo.php HTTP/1.1" 311
[01/Feb/2022:17:51:32 +0100] 128.199.127.143 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /info HTTP/1.1" 307
[01/Feb/2022:17:51:34 +0100] 128.199.127.143 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST / HTTP/1.1" 304
[01/Feb/2022:19:48:04 +0100] 161.35.188.242 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 379
[01/Feb/2022:19:48:34 +0100] 161.35.188.242 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 383
[01/Feb/2022:19:48:36 +0100] 161.35.188.242 TLSv1.2 AES256-SHA "GET /cgi-bin/.%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/hosts HTTP/1.1" 293
[01/Feb/2022:19:48:37 +0100] 161.35.188.242 TLSv1.2 AES256-SHA "GET /.DS_Store HTTP/1.1" 307
[01/Feb/2022:19:48:37 +0100] 161.35.188.242 TLSv1.2 AES256-SHA "GET /.git/config HTTP/1.1" 310
[01/Feb/2022:19:48:37 +0100] 161.35.188.242 TLSv1.2 AES256-SHA "GET /debug/default/view?panel=config HTTP/1.1" 325
[01/Feb/2022:19:48:38 +0100] 161.35.188.242 TLSv1.2 AES256-SHA "GET /api/search?folderIds=0 HTTP/1.1" 316
[01/Feb/2022:19:48:40 +0100] 43.153.10.221 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 500
[01/Feb/2022:19:49:07 +0100] 8.26.182.170 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[01/Feb/2022:19:49:10 +0100] 8.31.2.94 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[01/Feb/2022:19:49:18 +0100] 205.185.117.203 TLSv1.2 AES256-SHA "GET /favicon.ico HTTP/1.1" 309
[01/Feb/2022:19:49:27 +0100] 209.141.35.128 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[01/Feb/2022:19:49:30 +0100] 8.31.2.94 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[01/Feb/2022:19:49:38 +0100] 209.141.35.128 TLSv1.2 AES256-SHA "GET /favicon.ico HTTP/1.1" 308
[01/Feb/2022:20:02:00 +0100] 83.136.32.58 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "HEAD / HTTP/1.0" -
[01/Feb/2022:21:11:41 +0100] 193.118.53.210 TLSv1.2 DHE-RSA-AES256-SHA256 "GET / HTTP/1.1" 301
[01/Feb/2022:21:32:35 +0100] 208.100.26.235 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 297
[01/Feb/2022:21:38:34 +0100] 3.139.63.183 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /remote/fgt_lang?lang=/../../../..//////////dev/cmdb/sslvpn_websession HTTP/1.1" 452
[01/Feb/2022:22:16:10 +0100] 18.237.193.154 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 307
[01/Feb/2022:22:16:33 +0100] 34.208.181.162 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 307
[01/Feb/2022:22:17:14 +0100] 54.214.216.112 TLSv1.2 AES256-SHA "GET /favicon.ico HTTP/1.1" 314
[01/Feb/2022:22:17:19 +0100] 54.214.216.112 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 307
[01/Feb/2022:22:55:46 +0100] 192.241.209.199 TLSv1.2 AES256-SHA "GET /owa/auth/x.js HTTP/1.1" 310
[01/Feb/2022:22:56:01 +0100] 192.241.211.186 TLSv1.2 AES256-SHA "GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.exporttool.application HTTP/1.1" 348
[01/Feb/2022:22:57:19 +0100] 192.241.213.79 TLSv1.2 AES256-SHA "GET /owa/auth/logon.aspx HTTP/1.1" 314
[01/Feb/2022:23:33:26 +0100] 192.241.205.74 TLSv1.2 AES256-SHA "GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.exporttool.application HTTP/1.1" 348
[01/Feb/2022:23:41:25 +0100] 192.241.205.31 TLSv1.2 AES256-SHA "GET /owa/auth/logon.aspx?url=https%3a%2f%2f1%2fecp%2f HTTP/1.1" 335
[02/Feb/2022:00:25:11 +0100] 45.146.165.37 TLSv1.2 AES256-SHA "GET /index.php?s=/Index/\\think\\app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1][]=HelloThinkPHP21 HTTP/1.1" 390
[02/Feb/2022:00:26:10 +0100] 138.246.253.24 TLSv1.2 AES256-SHA "GET /robots.txt HTTP/1.1" 393
[02/Feb/2022:00:28:54 +0100] 54.71.211.85 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 306
[02/Feb/2022:00:29:25 +0100] 54.186.164.184 TLSv1.2 AES256-SHA "GET /favicon.ico HTTP/1.1" 313
[02/Feb/2022:00:29:28 +0100] 54.186.164.184 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 306
[02/Feb/2022:00:29:57 +0100] 128.1.248.26 TLSv1.2 DHE-RSA-AES256-SHA256 "GET / HTTP/1.1" 301
[02/Feb/2022:00:31:48 +0100] 192.241.206.199 TLSv1.2 AES256-SHA "GET /ReportServer HTTP/1.1" 307
[02/Feb/2022:00:50:22 +0100] 192.241.203.17 TLSv1.2 AES256-SHA "GET /login HTTP/1.1" 305
[02/Feb/2022:00:52:23 +0100] 212.199.162.239 TLSv1.2 AES256-SHA "GET /autodiscover/autodiscover.json?@foo.com/mapi/nspi/?&Email=autodiscover/autodiscover.json%3f@foo.com HTTP/1.1" 353