[01/Jun/2022:02:15:21 +0200] 193.106.191.48 TLSv1.2 AES256-SHA "POST /cgi-bin/.%2e/.%2e/.%2e/.%2e/bin/sh HTTP/1.1" 293
[01/Jun/2022:02:59:30 +0200] 164.92.219.15 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[01/Jun/2022:03:39:17 +0200] 192.241.213.80 TLSv1.2 AES256-SHA "GET /owa/auth/logon.aspx?url=https%3a%2f%2f1%2fecp%2f HTTP/1.1" 335
[01/Jun/2022:04:07:56 +0200] 167.94.138.120 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 383
[01/Jun/2022:04:07:57 +0200] 167.94.138.120 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[01/Jun/2022:04:07:57 +0200] 167.94.138.120 TLSv1.2 AES256-SHA "PRI * HTTP/2.0" 379
[01/Jun/2022:04:28:22 +0200] 164.90.174.17 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 297
[01/Jun/2022:04:34:01 +0200] 88.214.43.118 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /infophp.php HTTP/1.1" 314
[01/Jun/2022:04:34:02 +0200] 88.214.43.118 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /infophp.php HTTP/1.1" 314
[01/Jun/2022:04:53:40 +0200] 131.220.6.152 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 295
[01/Jun/2022:05:00:06 +0200] 185.142.236.41 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 383
[01/Jun/2022:05:00:49 +0200] 185.142.236.41 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "" 379
[01/Jun/2022:05:01:06 +0200] 185.142.236.41 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "" 379
[01/Jun/2022:05:01:11 +0200] 185.142.236.41 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "" 379
[01/Jun/2022:05:01:19 +0200] 185.142.236.41 TLSv1.2 AES256-SHA "quit" 379
[01/Jun/2022:05:01:21 +0200] 185.142.236.41 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /robots.txt HTTP/1.1" 393
[01/Jun/2022:05:06:43 +0200] 51.15.195.246 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 386
[01/Jun/2022:06:06:30 +0200] 192.241.213.189 TLSv1.2 AES256-SHA "GET /ReportServer HTTP/1.1" 307
[01/Jun/2022:06:33:54 +0200] 18.144.87.73 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "HEAD /epa/scripts/win/nsepa_setup.exe HTTP/1.1" -
[01/Jun/2022:06:43:19 +0200] 192.241.212.248 TLSv1.2 AES256-SHA "GET /login HTTP/1.1" 305
[01/Jun/2022:06:47:04 +0200] 35.195.93.98 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 301
[01/Jun/2022:08:07:48 +0200] 184.105.247.194 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 383
[01/Jun/2022:08:08:22 +0200] 83.136.32.58 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "HEAD / HTTP/1.0" -
[01/Jun/2022:08:12:49 +0200] 185.189.182.234 TLSv1.2 AES256-SHA "GET /2xw; HTTP/1.1" 379
[01/Jun/2022:08:29:43 +0200] 54.176.14.18 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /owa/auth/logon.aspx HTTP/1.1" 402
[01/Jun/2022:09:27:18 +0200] 161.35.86.181 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 379
[01/Jun/2022:09:27:19 +0200] 161.35.86.181 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 383
[01/Jun/2022:09:27:19 +0200] 161.35.86.181 TLSv1.2 AES256-SHA "PUT /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1" 331
[01/Jun/2022:09:27:19 +0200] 161.35.86.181 TLSv1.2 AES256-SHA "HEAD /cgi-bin/blockpage.cgi HTTP/1.1" -
[01/Jun/2022:09:27:20 +0200] 161.35.86.181 TLSv1.2 AES256-SHA "GET /cgi-bin/.%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/hosts HTTP/1.1" 293
[01/Jun/2022:09:27:20 +0200] 161.35.86.181 TLSv1.2 AES256-SHA "GET /.DS_Store HTTP/1.1" 307
[01/Jun/2022:09:27:20 +0200] 161.35.86.181 TLSv1.2 AES256-SHA "GET /s/lkx/_/;/META-INF/maven/com.atlassian.jira/jira-webapp-dist/pom.properties HTTP/1.1" 353
[01/Jun/2022:09:27:20 +0200] 161.35.86.181 TLSv1.2 AES256-SHA "GET /config.json HTTP/1.1" 311
[01/Jun/2022:09:27:21 +0200] 161.35.86.181 TLSv1.2 AES256-SHA "GET /.env HTTP/1.1" 304
[01/Jun/2022:09:27:21 +0200] 161.35.86.181 TLSv1.2 AES256-SHA "GET /.json HTTP/1.1" 305
[01/Jun/2022:09:27:21 +0200] 161.35.86.181 TLSv1.2 AES256-SHA "GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.exporttool.application HTTP/1.1" 348
[01/Jun/2022:09:27:21 +0200] 161.35.86.181 TLSv1.2 AES256-SHA "GET /api/geojson?url=file:///etc/hosts HTTP/1.1" 325
[01/Jun/2022:09:27:21 +0200] 161.35.86.181 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[01/Jun/2022:09:27:21 +0200] 161.35.86.181 TLSv1.2 AES256-SHA "GET /v2/_catalog HTTP/1.1" 310
[01/Jun/2022:09:27:22 +0200] 161.35.86.181 TLSv1.2 AES256-SHA "GET /info.php HTTP/1.1" 307
[01/Jun/2022:09:27:22 +0200] 161.35.86.181 TLSv1.2 AES256-SHA "GET /favicon.ico HTTP/1.1" 309
[01/Jun/2022:09:27:22 +0200] 161.35.86.181 TLSv1.2 AES256-SHA "GET /server-status HTTP/1.1" 308
[01/Jun/2022:10:06:14 +0200] 157.55.39.125 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 304
[01/Jun/2022:13:19:32 +0200] 183.136.225.35 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 383
[01/Jun/2022:13:37:47 +0200] 192.241.221.14 TLSv1.2 AES256-SHA "GET /owa/auth/x.js HTTP/1.1" 310
[01/Jun/2022:13:38:56 +0200] 192.241.219.237 TLSv1.2 AES256-SHA "GET /owa/auth/logon.aspx HTTP/1.1" 314
[01/Jun/2022:13:39:08 +0200] 192.241.221.222 TLSv1.2 AES256-SHA "GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.exporttool.application HTTP/1.1" 348
[01/Jun/2022:14:11:03 +0200] 193.106.191.48 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[01/Jun/2022:14:13:17 +0200] 205.210.31.133 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 377
[01/Jun/2022:14:51:26 +0200] 193.106.191.48 TLSv1.2 AES256-SHA "POST /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1" 331
[01/Jun/2022:15:44:07 +0200] 193.149.176.184 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 377
[01/Jun/2022:16:18:52 +0200] 193.106.191.48 TLSv1.2 AES256-SHA "GET /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1" 331
[01/Jun/2022:17:16:42 +0200] 205.210.31.15 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 377
[01/Jun/2022:17:18:32 +0200] 193.106.191.48 TLSv1.2 AES256-SHA "GET /index.php?s=/Index/\\think\\app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1][]=HelloThinkPHP21 HTTP/1.1" 390
[01/Jun/2022:17:36:18 +0200] 198.235.24.6 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 377
[01/Jun/2022:17:56:14 +0200] 193.106.191.48 TLSv1.2 AES256-SHA "GET /?XDEBUG_SESSION_START=phpstorm HTTP/1.1" 327
[01/Jun/2022:18:21:59 +0200] 185.100.87.54 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 383
[01/Jun/2022:18:45:25 +0200] 193.106.191.48 TLSv1.2 AES256-SHA "POST /mifs/.;/services/LogService HTTP/1.1" 318
[01/Jun/2022:18:58:31 +0200] 185.220.101.132 TLSv1.2 AES256-SHA "GET /.DS_Store HTTP/1.1" 312
[01/Jun/2022:18:58:33 +0200] 185.220.101.184 TLSv1.2 AES256-SHA "GET /.git/config HTTP/1.1" 314
[01/Jun/2022:18:58:38 +0200] 45.154.98.173 TLSv1.2 AES256-SHA "GET /.DS_Store HTTP/1.1" 312
[01/Jun/2022:19:01:52 +0200] 192.241.221.149 TLSv1.2 AES256-SHA "GET /actuator/health HTTP/1.1" 310
[01/Jun/2022:19:08:45 +0200] 137.226.113.44 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 308
[01/Jun/2022:19:18:24 +0200] 104.206.128.38 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 383
[01/Jun/2022:19:49:43 +0200] 193.106.191.48 TLSv1.2 AES256-SHA "GET /console/ HTTP/1.1" 307
[01/Jun/2022:20:04:15 +0200] 205.210.31.6 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 377
[01/Jun/2022:20:23:12 +0200] 109.237.103.38 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.env HTTP/1.1" 304
[01/Jun/2022:20:23:13 +0200] 109.237.103.38 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /.env HTTP/1.1" 304
[01/Jun/2022:20:23:13 +0200] 109.237.103.38 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.aws/credentials HTTP/1.1" 311
[01/Jun/2022:20:23:14 +0200] 109.237.103.38 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /.aws/credentials HTTP/1.1" 311
[01/Jun/2022:20:23:14 +0200] 109.237.103.38 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.aws/config HTTP/1.1" 310
[01/Jun/2022:20:23:15 +0200] 109.237.103.38 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /.aws/config HTTP/1.1" 310
[01/Jun/2022:20:23:15 +0200] 109.237.103.38 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /aws/credentials HTTP/1.1" 310
[01/Jun/2022:20:23:16 +0200] 109.237.103.38 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /aws/credentials HTTP/1.1" 310
[01/Jun/2022:20:23:16 +0200] 109.237.103.38 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.aws HTTP/1.1" 304
[01/Jun/2022:20:23:16 +0200] 109.237.103.38 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /.aws HTTP/1.1" 304
[01/Jun/2022:20:23:17 +0200] 109.237.103.38 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /public/.env HTTP/1.1" 309
[01/Jun/2022:20:23:17 +0200] 109.237.103.38 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /public/.env HTTP/1.1" 309
[01/Jun/2022:20:23:18 +0200] 109.237.103.38 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /public/.aws/credentials HTTP/1.1" 316
[01/Jun/2022:20:23:18 +0200] 109.237.103.38 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /public/.aws/credentials HTTP/1.1" 316
[01/Jun/2022:20:23:19 +0200] 109.237.103.38 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.aws/config HTTP/1.1" 310
[01/Jun/2022:20:23:19 +0200] 109.237.103.38 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /.aws/config HTTP/1.1" 310
[01/Jun/2022:20:23:20 +0200] 109.237.103.38 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /public/aws/credentials HTTP/1.1" 316
[01/Jun/2022:20:23:20 +0200] 109.237.103.38 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /public/aws/credentials HTTP/1.1" 316
[01/Jun/2022:20:23:21 +0200] 109.237.103.38 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /public/.aws HTTP/1.1" 309
[01/Jun/2022:20:23:21 +0200] 109.237.103.38 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /public/.aws HTTP/1.1" 309
[01/Jun/2022:20:30:14 +0200] 193.106.191.48 TLSv1.2 AES256-SHA "POST /Autodiscover/Autodiscover.xml HTTP/1.1" 315
[01/Jun/2022:20:34:46 +0200] 34.122.66.235 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 295
[01/Jun/2022:21:13:45 +0200] 192.241.222.127 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[01/Jun/2022:21:31:03 +0200] 193.106.191.48 TLSv1.2 AES256-SHA "GET /_ignition/execute-solution HTTP/1.1" 319
[01/Jun/2022:22:01:38 +0200] 40.77.167.104 TLSv1.2 AES256-SHA "GET /robots.txt HTTP/1.1" 311
[01/Jun/2022:22:01:39 +0200] 40.77.167.104 TLSv1.2 AES256-SHA "GET /robots.txt HTTP/1.1" 311
[01/Jun/2022:22:01:52 +0200] 157.55.39.125 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 304
[01/Jun/2022:22:25:04 +0200] 193.106.191.48 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[01/Jun/2022:22:28:29 +0200] 103.203.57.25 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[01/Jun/2022:23:30:16 +0200] 193.106.191.48 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[02/Jun/2022:00:42:10 +0200] 208.100.26.233 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 297
[02/Jun/2022:01:50:15 +0200] 66.249.70.90 TLSv1.2 AES256-SHA "GET /robots.txt HTTP/1.1" 308
[02/Jun/2022:01:50:16 +0200] 66.249.70.90 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301