[06/Jun/2022:03:14:24 +0200] 193.106.191.48 TLSv1.2 AES256-SHA "GET /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1" 331
[06/Jun/2022:03:43:00 +0200] 192.241.221.207 TLSv1.2 AES256-SHA "GET /owa/auth/logon.aspx?url=https%3a%2f%2f1%2fecp%2f HTTP/1.1" 335
[06/Jun/2022:03:56:17 +0200] 193.106.191.48 TLSv1.2 AES256-SHA "GET /index.php?s=/Index/\\think\\app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1][]=HelloThinkPHP21 HTTP/1.1" 390
[06/Jun/2022:04:02:35 +0200] 80.94.93.250 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /admin/config.php HTTP/1.1" 313
[06/Jun/2022:04:13:31 +0200] 192.241.221.234 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[06/Jun/2022:04:46:48 +0200] 193.106.191.48 TLSv1.2 AES256-SHA "GET /?XDEBUG_SESSION_START=phpstorm HTTP/1.1" 327
[06/Jun/2022:04:53:28 +0200] 131.220.6.152 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 295
[06/Jun/2022:05:35:45 +0200] 193.106.191.48 TLSv1.2 AES256-SHA "POST /mifs/.;/services/LogService HTTP/1.1" 318
[06/Jun/2022:05:37:17 +0200] 193.118.53.202 TLSv1.2 DHE-RSA-AES256-SHA256 "GET / HTTP/1.1" 301
[06/Jun/2022:06:08:02 +0200] 81.71.60.111 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 295
[06/Jun/2022:06:22:19 +0200] 209.126.136.3 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[06/Jun/2022:06:29:43 +0200] 35.233.62.116 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 301
[06/Jun/2022:06:38:30 +0200] 193.106.191.48 TLSv1.2 AES256-SHA "GET /console/ HTTP/1.1" 307
[06/Jun/2022:06:51:31 +0200] 81.209.177.16 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /robots.txt HTTP/1.1" 395
[06/Jun/2022:06:51:31 +0200] 81.209.177.16 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 385
[06/Jun/2022:07:18:11 +0200] 193.106.191.48 TLSv1.2 AES256-SHA "POST /Autodiscover/Autodiscover.xml HTTP/1.1" 315
[06/Jun/2022:07:26:12 +0200] 184.105.247.194 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 383
[06/Jun/2022:07:52:58 +0200] 193.106.191.48 TLSv1.2 AES256-SHA "GET /_ignition/execute-solution HTTP/1.1" 319
[06/Jun/2022:08:03:49 +0200] 128.14.134.134 TLSv1.2 DHE-RSA-AES256-SHA256 "GET / HTTP/1.1" 301
[06/Jun/2022:09:25:20 +0200] 193.106.191.48 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[06/Jun/2022:09:57:37 +0200] 193.106.191.48 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[06/Jun/2022:11:11:05 +0200] 193.106.191.48 TLSv1.2 AES256-SHA "POST /cgi-bin/.%2e/.%2e/.%2e/.%2e/bin/sh HTTP/1.1" 293
[06/Jun/2022:11:29:46 +0200] 47.243.233.244 TLSv1.2 AES256-SHA "GET /dns-query?dns=q80BAAABAAAAAAAAA3d3dwdleGFtcGxlA2NvbQAAAQAB HTTP/1.1" 343
[06/Jun/2022:11:29:48 +0200] 47.243.233.244 TLSv1.2 AES256-SHA "GET /dns-query?dns=q80BAAABAAAAAAAAA3d3dwdleGFtcGxlA2NvbQAAAQAB HTTP/1.1" 343
[06/Jun/2022:11:29:52 +0200] 47.243.233.244 TLSv1.2 AES256-SHA "POST /dns-query HTTP/1.1" 308
[06/Jun/2022:11:29:54 +0200] 47.243.233.244 TLSv1.2 AES256-SHA "POST /dns-query HTTP/1.1" 308
[06/Jun/2022:11:29:57 +0200] 47.243.233.244 TLSv1.2 AES256-SHA "GET /query?dns=q80BAAABAAAAAAAAA3d3dwdleGFtcGxlA2NvbQAAAQAB HTTP/1.1" 340
[06/Jun/2022:11:29:59 +0200] 47.243.233.244 TLSv1.2 AES256-SHA "GET /query?dns=q80BAAABAAAAAAAAA3d3dwdleGFtcGxlA2NvbQAAAQAB HTTP/1.1" 340
[06/Jun/2022:11:30:02 +0200] 47.243.233.244 TLSv1.2 AES256-SHA "POST /query HTTP/1.1" 305
[06/Jun/2022:11:30:05 +0200] 47.243.233.244 TLSv1.2 AES256-SHA "POST /query HTTP/1.1" 305
[06/Jun/2022:11:30:08 +0200] 47.243.233.244 TLSv1.2 AES256-SHA "GET /resolve?dns=q80BAAABAAAAAAAAA3d3dwdleGFtcGxlA2NvbQAAAQAB HTTP/1.1" 342
[06/Jun/2022:11:30:10 +0200] 47.243.233.244 TLSv1.2 AES256-SHA "GET /resolve?dns=q80BAAABAAAAAAAAA3d3dwdleGFtcGxlA2NvbQAAAQAB HTTP/1.1" 342
[06/Jun/2022:11:30:13 +0200] 47.243.233.244 TLSv1.2 AES256-SHA "POST /resolve HTTP/1.1" 305
[06/Jun/2022:11:30:15 +0200] 47.243.233.244 TLSv1.2 AES256-SHA "POST /resolve HTTP/1.1" 305
[06/Jun/2022:11:30:18 +0200] 47.243.233.244 TLSv1.2 AES256-SHA "GET /?dns=q80BAAABAAAAAAAAA3d3dwdleGFtcGxlA2NvbQAAAQAB HTTP/1.1" 337
[06/Jun/2022:11:30:20 +0200] 47.243.233.244 TLSv1.2 AES256-SHA "GET /?dns=q80BAAABAAAAAAAAA3d3dwdleGFtcGxlA2NvbQAAAQAB HTTP/1.1" 337
[06/Jun/2022:11:30:23 +0200] 47.243.233.244 TLSv1.2 AES256-SHA "POST / HTTP/1.1" 301
[06/Jun/2022:11:30:25 +0200] 47.243.233.244 TLSv1.2 AES256-SHA "POST / HTTP/1.1" 301
[06/Jun/2022:11:51:11 +0200] 157.55.39.125 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 304
[06/Jun/2022:11:53:08 +0200] 109.237.103.118 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.aws/credentials HTTP/1.1" 311
[06/Jun/2022:11:53:09 +0200] 109.237.103.118 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /.aws/credentials HTTP/1.1" 311
[06/Jun/2022:12:00:33 +0200] 159.223.214.78 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[06/Jun/2022:12:52:01 +0200] 128.14.134.170 TLSv1.2 DHE-RSA-AES256-SHA256 "GET / HTTP/1.1" 301
[06/Jun/2022:13:17:46 +0200] 192.241.222.24 TLSv1.2 AES256-SHA "GET /owa/auth/x.js HTTP/1.1" 310
[06/Jun/2022:13:18:25 +0200] 192.241.221.14 TLSv1.2 AES256-SHA "GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.exporttool.application HTTP/1.1" 348
[06/Jun/2022:13:19:08 +0200] 192.241.221.43 TLSv1.2 AES256-SHA "GET /owa/auth/logon.aspx HTTP/1.1" 314
[06/Jun/2022:13:39:08 +0200] 192.241.206.202 TLSv1.2 AES256-SHA "GET /actuator/health HTTP/1.1" 310
[06/Jun/2022:13:44:06 +0200] 111.13.63.67 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[06/Jun/2022:13:44:14 +0200] 111.13.63.67 TLSv1.2 AES256-SHA "GET //sitemap.xml HTTP/1.1" 309
[06/Jun/2022:13:44:14 +0200] 111.13.63.67 TLSv1.2 AES256-SHA "GET //robots.txt HTTP/1.1" 308
[06/Jun/2022:13:44:15 +0200] 111.13.63.67 TLSv1.2 AES256-SHA "GET //.well-known/security.txt HTTP/1.1" 319
[06/Jun/2022:14:42:11 +0200] 20.232.197.111 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 307
[06/Jun/2022:14:44:19 +0200] 161.35.14.135 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 383
[06/Jun/2022:15:39:36 +0200] 94.102.56.151 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 383
[06/Jun/2022:16:14:52 +0200] 202.102.144.122 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[06/Jun/2022:18:49:27 +0200] 172.105.189.111 TLSv1.2 DHE-RSA-AES256-SHA256 "GET / HTTP/1.1" 301
[06/Jun/2022:19:59:19 +0200] 92.118.161.57 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 383
[06/Jun/2022:20:21:12 +0200] 119.90.42.89 TLSv1.2 AES256-SHA "{\"method\":\"login\",\"params\":{\"login\":\"45JymPWP1DeQxxMZNJv9w2bTQ2WJDAmw18wUSryDQa3RPrympJPoUSVcFEDv3bhiMJGWaCD4a3KrFCorJHCMqXJUKApSKDV\",\"pass\":\"xxoo\",\"agent\":\"xmr-stak-cpu/1.3.0-1.5.0\"},\"id\":1}" 379
[06/Jun/2022:20:21:13 +0200] 119.90.42.89 TLSv1.2 AES256-SHA "{\"id\":1,\"method\":\"mining.subscribe\",\"params\":[]}" 379
[06/Jun/2022:20:21:17 +0200] 119.90.42.89 TLSv1.2 AES256-SHA "{\"params\": [\"miner1\", \"password\"], \"id\": 2, \"method\": \"mining.authorize\"}" 379
[06/Jun/2022:20:21:19 +0200] 119.90.42.89 TLSv1.2 AES256-SHA "{\"id\":1,\"jsonrpc\":\"2.0\",\"method\":\"login\",\"params\":{\"login\":\"blue1\",\"pass\":\"x\",\"agent\":\"Windows NT 6.1; Win64; x64\"}}" 379
[06/Jun/2022:20:21:22 +0200] 119.90.42.89 TLSv1.2 AES256-SHA "{\"params\": [\"miner1\", \"bf\", \"00000001\", \"504e86ed\", \"b2957c02\"], \"id\": 4, \"method\": \"mining.submit\"}" 379
[06/Jun/2022:20:21:24 +0200] 119.90.42.89 TLSv1.2 AES256-SHA "{\"id\":1,\"jsonrpc\":\"2.0\",\"method\":\"login\",\"params\":{\"login\":\"x\",\"pass\":\"null\",\"agent\":\"XMRig/5.13.1\",\"algo\":[\"cn/1\",\"cn/2\",\"cn/r\",\"cn/fast\",\"cn/half\",\"cn/xao\",\"cn/rto\",\"cn/rwz\",\"cn/zls\",\"cn/double\",\"rx/0\",\"rx/wow\",\"rx/loki\",\"rx/arq\",\"rx/sfx\",\"rx/keva\"]}}" 379
[06/Jun/2022:21:21:11 +0200] 167.94.138.120 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 383
[06/Jun/2022:21:21:11 +0200] 167.94.138.120 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[06/Jun/2022:21:21:12 +0200] 167.94.138.120 TLSv1.2 AES256-SHA "PRI * HTTP/2.0" 379
[06/Jun/2022:22:15:53 +0200] 193.118.53.194 TLSv1.2 DHE-RSA-AES256-SHA256 "GET / HTTP/1.1" 301
[06/Jun/2022:23:16:05 +0200] 54.200.137.15 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 307
[06/Jun/2022:23:17:42 +0200] 193.106.191.48 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[06/Jun/2022:23:48:43 +0200] 193.106.191.48 TLSv1.2 AES256-SHA "POST /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1" 331
[07/Jun/2022:00:21:46 +0200] 161.35.14.135 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 383
[07/Jun/2022:00:24:38 +0200] 180.149.125.170 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[07/Jun/2022:00:41:15 +0200] 157.55.39.125 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 304
[07/Jun/2022:00:51:17 +0200] 193.106.191.48 TLSv1.2 AES256-SHA "GET /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1" 331
[07/Jun/2022:01:34:37 +0200] 193.106.191.48 TLSv1.2 AES256-SHA "GET /index.php?s=/Index/\\think\\app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1][]=HelloThinkPHP21 HTTP/1.1" 390