[24/Feb/2023:01:04:52 +0100] 34.78.6.216 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 301
[24/Feb/2023:01:22:35 +0100] 213.32.122.82 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 383
[24/Feb/2023:01:55:07 +0100] 35.92.255.107 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 295
[24/Feb/2023:01:55:34 +0100] 34.217.31.193 TLSv1.2 AES256-SHA "GET /favicon.ico HTTP/1.1" 302
[24/Feb/2023:01:55:37 +0100] 34.217.31.193 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 295
[24/Feb/2023:01:56:50 +0100] 152.89.196.211 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[24/Feb/2023:01:59:58 +0100] 34.219.233.92 TLSv1.2 AES256-SHA "GET /favicon.ico HTTP/1.1" 302
[24/Feb/2023:02:05:39 +0100] 34.214.124.92 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 295
[24/Feb/2023:02:17:28 +0100] 51.15.195.246 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 391
[24/Feb/2023:02:22:59 +0100] 152.89.196.211 TLSv1.2 AES256-SHA "POST /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1" 331
[24/Feb/2023:02:30:37 +0100] 154.89.5.99 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 383
[24/Feb/2023:02:38:46 +0100] 23.251.102.74 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[24/Feb/2023:02:53:39 +0100] 152.89.196.211 TLSv1.2 AES256-SHA "GET /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1" 331
[24/Feb/2023:03:19:48 +0100] 128.14.209.162 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[24/Feb/2023:03:19:55 +0100] 128.14.209.162 TLSv1.2 AES256-SHA "GET /showLogin.cc HTTP/1.1" 311
[24/Feb/2023:03:23:56 +0100] 193.235.141.127 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 306
[24/Feb/2023:03:40:55 +0100] 152.89.196.211 TLSv1.2 AES256-SHA "GET /index.php?s=/Index/\\think\\app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1][]=HelloThinkPHP21 HTTP/1.1" 390
[24/Feb/2023:03:50:10 +0100] 185.180.143.71 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[24/Feb/2023:03:50:15 +0100] 185.180.143.71 TLSv1.2 AES256-SHA "HEAD /icons/sphere1.png HTTP/1.1" -
[24/Feb/2023:04:56:28 +0100] 152.89.196.211 TLSv1.2 AES256-SHA "GET /?XDEBUG_SESSION_START=phpstorm HTTP/1.1" 327
[24/Feb/2023:05:16:04 +0100] 194.110.203.47 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /backup_03092022.zip HTTP/1.1" 413
[24/Feb/2023:05:16:45 +0100] 152.89.196.211 TLSv1.2 AES256-SHA "POST /mifs/.;/services/LogService HTTP/1.1" 318
[24/Feb/2023:05:26:52 +0100] 194.110.203.46 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /backup_02092022.zip HTTP/1.1" 413
[24/Feb/2023:05:51:33 +0100] 193.106.29.122 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.0" 388
[24/Feb/2023:05:56:13 +0100] 194.110.203.38 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /backup_01092022.zip HTTP/1.1" 413
[24/Feb/2023:06:24:15 +0100] 194.110.203.45 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /backup_31082022.zip HTTP/1.1" 413
[24/Feb/2023:06:27:46 +0100] 152.89.196.211 TLSv1.2 AES256-SHA "POST /Autodiscover/Autodiscover.xml HTTP/1.1" 315
[24/Feb/2023:06:34:40 +0100] 194.110.203.46 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /backup_25082022.zip HTTP/1.1" 405
[24/Feb/2023:06:39:14 +0100] 138.246.253.24 TLSv1.2 AES256-SHA "GET /robots.txt HTTP/1.1" 387
[24/Feb/2023:06:54:06 +0100] 51.158.66.83 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 393
[24/Feb/2023:06:58:54 +0100] 152.89.196.211 TLSv1.2 AES256-SHA "GET /_ignition/execute-solution HTTP/1.1" 319
[24/Feb/2023:07:44:33 +0100] 172.104.11.46 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[24/Feb/2023:07:45:14 +0100] 64.145.93.143 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.env HTTP/1.1" 304
[24/Feb/2023:07:45:15 +0100] 64.145.93.143 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST / HTTP/1.1" 301
[24/Feb/2023:08:04:44 +0100] 193.118.55.162 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 295
[24/Feb/2023:09:05:32 +0100] 192.241.237.15 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[24/Feb/2023:09:49:05 +0100] 208.100.26.244 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 297
[24/Feb/2023:10:01:27 +0100] 194.110.203.44 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /backup_24082022.zip HTTP/1.1" 413
[24/Feb/2023:10:07:45 +0100] 4.184.57.28 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 301
[24/Feb/2023:10:36:51 +0100] 152.89.196.211 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[24/Feb/2023:10:59:44 +0100] 178.79.165.199 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 301
[24/Feb/2023:11:19:04 +0100] 152.89.196.211 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[24/Feb/2023:11:24:11 +0100] 194.110.203.41 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /backup_23082022.zip HTTP/1.1" 413
[24/Feb/2023:11:24:15 +0100] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.env HTTP/1.1" 304
[24/Feb/2023:11:24:15 +0100] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /.env HTTP/1.1" 304
[24/Feb/2023:11:24:16 +0100] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.aws/credentials HTTP/1.1" 311
[24/Feb/2023:11:24:16 +0100] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /.aws/credentials HTTP/1.1" 311
[24/Feb/2023:11:24:17 +0100] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.aws/config HTTP/1.1" 310
[24/Feb/2023:11:24:17 +0100] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /.aws/config HTTP/1.1" 310
[24/Feb/2023:11:24:18 +0100] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /aws/credentials HTTP/1.1" 310
[24/Feb/2023:11:24:18 +0100] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /aws/credentials HTTP/1.1" 310
[24/Feb/2023:11:24:19 +0100] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /credentials HTTP/1.1" 308
[24/Feb/2023:11:24:19 +0100] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /credentials HTTP/1.1" 308
[24/Feb/2023:11:24:20 +0100] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /test.php HTTP/1.1" 306
[24/Feb/2023:11:24:20 +0100] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /test.php HTTP/1.1" 306
[24/Feb/2023:11:24:20 +0100] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /laravel/.env HTTP/1.1" 309
[24/Feb/2023:11:24:21 +0100] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /laravel/.env HTTP/1.1" 309
[24/Feb/2023:11:24:21 +0100] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /demo/.env HTTP/1.1" 307
[24/Feb/2023:11:24:22 +0100] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /demo/.env HTTP/1.1" 307
[24/Feb/2023:11:24:22 +0100] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /web/.env HTTP/1.1" 307
[24/Feb/2023:11:24:23 +0100] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /web/.env HTTP/1.1" 307
[24/Feb/2023:11:24:23 +0100] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /phpinfo HTTP/1.1" 307
[24/Feb/2023:11:24:24 +0100] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /phpinfo HTTP/1.1" 307
[24/Feb/2023:11:24:24 +0100] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /admin/.env HTTP/1.1" 308
[24/Feb/2023:11:24:25 +0100] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /admin/.env HTTP/1.1" 308
[24/Feb/2023:11:24:25 +0100] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /backend/.env HTTP/1.1" 310
[24/Feb/2023:11:24:26 +0100] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /backend/.env HTTP/1.1" 310
[24/Feb/2023:11:24:26 +0100] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /app/.env HTTP/1.1" 307
[24/Feb/2023:11:24:27 +0100] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /app/.env HTTP/1.1" 307
[24/Feb/2023:12:30:17 +0100] 198.20.87.98 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 383
[24/Feb/2023:12:30:34 +0100] 198.20.87.98 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "" 379
[24/Feb/2023:12:30:36 +0100] 198.20.87.98 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "" 379
[24/Feb/2023:12:30:37 +0100] 198.20.87.98 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "" 379
[24/Feb/2023:12:30:41 +0100] 198.20.87.98 TLSv1.2 AES256-SHA "quit" 379
[24/Feb/2023:12:30:42 +0100] 198.20.87.98 TLSv1.2 AES256-SHA "GET /robots.txt HTTP/1.1" 393
[24/Feb/2023:12:30:45 +0100] 198.20.87.98 TLSv1.2 AES256-SHA "GET /sitemap.xml HTTP/1.1" 394
[24/Feb/2023:12:30:46 +0100] 198.20.87.98 TLSv1.2 AES256-SHA "GET /.well-known/security.txt HTTP/1.1" 407
[24/Feb/2023:12:30:48 +0100] 198.20.87.98 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /favicon.ico HTTP/1.1" 309
[24/Feb/2023:12:30:52 +0100] 198.20.87.98 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "" 379
[24/Feb/2023:13:02:10 +0100] 178.79.157.193 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 301
[24/Feb/2023:13:05:29 +0100] 64.62.197.78 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[24/Feb/2023:13:12:09 +0100] 64.62.197.82 TLSv1.2 AES256-SHA "GET /favicon.ico HTTP/1.1" 309
[24/Feb/2023:13:15:17 +0100] 64.62.197.91 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[24/Feb/2023:13:15:34 +0100] 154.22.125.166 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /Public/admin/webuploader/server/preview.php HTTP/1.1" 335
[24/Feb/2023:13:16:13 +0100] 64.62.197.83 TLSv1.2 AES256-SHA "GET /.git/config HTTP/1.1" 310
[24/Feb/2023:13:47:59 +0100] 193.235.141.23 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 295
[24/Feb/2023:13:54:58 +0100] 194.110.203.44 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /backup_21082022.zip HTTP/1.1" 405
[24/Feb/2023:14:20:28 +0100] 152.89.196.211 TLSv1.2 AES256-SHA "POST /cgi-bin/.%2e/.%2e/.%2e/.%2e/bin/sh HTTP/1.1" 293
[24/Feb/2023:14:27:19 +0100] 174.138.60.188 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 301
[24/Feb/2023:14:27:20 +0100] 174.138.60.188 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 754
[24/Feb/2023:14:27:22 +0100] 174.138.60.188 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /favicon.ico HTTP/1.1" 1150
[24/Feb/2023:14:44:01 +0100] 51.158.98.24 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 386
[24/Feb/2023:15:03:56 +0100] 64.227.41.39 TLSv1.2 AES256-SHA "GET /aaa9 HTTP/1.1" 304
[24/Feb/2023:15:03:56 +0100] 64.227.41.39 TLSv1.2 AES256-SHA "GET /aab8 HTTP/1.1" 304
[24/Feb/2023:15:51:15 +0100] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.env HTTP/1.1" 304
[24/Feb/2023:15:51:15 +0100] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /.env HTTP/1.1" 304
[24/Feb/2023:15:51:16 +0100] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.aws/credentials HTTP/1.1" 311
[24/Feb/2023:15:51:16 +0100] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /.aws/credentials HTTP/1.1" 311
[24/Feb/2023:15:51:17 +0100] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.aws/config HTTP/1.1" 310
[24/Feb/2023:15:51:17 +0100] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /.aws/config HTTP/1.1" 310
[24/Feb/2023:15:51:18 +0100] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /aws/credentials HTTP/1.1" 310
[24/Feb/2023:15:51:18 +0100] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /aws/credentials HTTP/1.1" 310
[24/Feb/2023:15:51:18 +0100] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /credentials HTTP/1.1" 308
[24/Feb/2023:15:51:19 +0100] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /credentials HTTP/1.1" 308
[24/Feb/2023:15:51:19 +0100] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /test.php HTTP/1.1" 306
[24/Feb/2023:15:51:20 +0100] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /test.php HTTP/1.1" 306
[24/Feb/2023:15:51:20 +0100] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /laravel/.env HTTP/1.1" 309
[24/Feb/2023:15:51:21 +0100] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /laravel/.env HTTP/1.1" 309
[24/Feb/2023:15:51:21 +0100] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /demo/.env HTTP/1.1" 307
[24/Feb/2023:15:51:22 +0100] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /demo/.env HTTP/1.1" 307
[24/Feb/2023:15:51:22 +0100] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /web/.env HTTP/1.1" 307
[24/Feb/2023:15:51:23 +0100] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /web/.env HTTP/1.1" 307
[24/Feb/2023:15:51:23 +0100] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /phpinfo HTTP/1.1" 307
[24/Feb/2023:15:51:24 +0100] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /phpinfo HTTP/1.1" 307
[24/Feb/2023:15:51:24 +0100] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /admin/.env HTTP/1.1" 308
[24/Feb/2023:15:51:25 +0100] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /admin/.env HTTP/1.1" 308
[24/Feb/2023:15:51:25 +0100] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /backend/.env HTTP/1.1" 310
[24/Feb/2023:15:51:26 +0100] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /backend/.env HTTP/1.1" 310
[24/Feb/2023:15:51:26 +0100] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /app/.env HTTP/1.1" 307
[24/Feb/2023:15:51:27 +0100] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /app/.env HTTP/1.1" 307
[24/Feb/2023:17:09:16 +0100] 180.149.125.163 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[24/Feb/2023:17:12:09 +0100] 198.199.94.56 TLSv1.2 AES256-SHA "GET /autodiscover/autodiscover.json?@zdi/Powershell HTTP/1.1" 328
[24/Feb/2023:17:30:29 +0100] 194.110.203.38 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /backup_20082022.zip HTTP/1.1" 396
[24/Feb/2023:17:50:52 +0100] 167.248.133.42 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 383
[24/Feb/2023:17:50:53 +0100] 167.248.133.42 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[24/Feb/2023:17:50:53 +0100] 167.248.133.42 TLSv1.2 AES256-SHA "PRI * HTTP/2.0" 379
[24/Feb/2023:18:14:38 +0100] 167.94.138.62 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 383
[24/Feb/2023:18:14:39 +0100] 167.94.138.62 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[24/Feb/2023:18:14:39 +0100] 167.94.138.62 TLSv1.2 AES256-SHA "PRI * HTTP/2.0" 379
[24/Feb/2023:18:57:30 +0100] 128.14.209.162 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[24/Feb/2023:19:05:48 +0100] 128.199.47.108 TLSv1.2 AES256-SHA "GET /ab2g HTTP/1.1" 304
[24/Feb/2023:19:05:48 +0100] 128.199.47.108 TLSv1.2 AES256-SHA "GET /ab2h HTTP/1.1" 304
[24/Feb/2023:19:05:50 +0100] 128.199.47.108 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[24/Feb/2023:19:05:50 +0100] 128.199.47.108 TLSv1.2 AES256-SHA "GET /t4 HTTP/1.1" 302
[24/Feb/2023:19:26:40 +0100] 80.66.66.131 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /api/v2/cmdb/system/admin HTTP/1.1" 318
[24/Feb/2023:19:38:55 +0100] 138.246.253.24 TLSv1.2 AES256-SHA "GET /robots.txt HTTP/1.1" 403
[24/Feb/2023:20:20:41 +0100] 192.241.210.25 TLSv1.2 AES256-SHA "GET /owa/auth/logon.aspx?url=https%3a%2f%2f1%2fecp%2f HTTP/1.1" 335
[24/Feb/2023:21:21:12 +0100] 194.163.154.32 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.env HTTP/1.1" 298
[24/Feb/2023:21:21:13 +0100] 194.163.154.32 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST / HTTP/1.1" 295
[24/Feb/2023:21:21:14 +0100] 194.163.154.32 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /core/.env HTTP/1.1" 301
[24/Feb/2023:21:21:15 +0100] 194.163.154.32 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /core/.env HTTP/1.1" 301
[24/Feb/2023:21:21:16 +0100] 194.163.154.32 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST / HTTP/1.1" 295
[24/Feb/2023:21:21:17 +0100] 194.163.154.32 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /core/.env HTTP/1.1" 301
[24/Feb/2023:21:43:54 +0100] 194.110.203.41 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /backup_18082022.zip HTTP/1.1" 405
[24/Feb/2023:21:57:35 +0100] 162.142.125.8 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 383
[24/Feb/2023:21:57:36 +0100] 162.142.125.8 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[24/Feb/2023:21:57:36 +0100] 162.142.125.8 TLSv1.2 AES256-SHA "PRI * HTTP/2.0" 379
[24/Feb/2023:22:29:39 +0100] 60.217.75.70 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[24/Feb/2023:22:34:31 +0100] 194.110.203.45 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /backup_17082022.zip HTTP/1.1" 396
[24/Feb/2023:23:09:28 +0100] 40.77.167.184 TLSv1.2 AES256-SHA "GET /robots.txt HTTP/1.1" 315
[24/Feb/2023:23:09:29 +0100] 40.77.167.184 TLSv1.2 AES256-SHA "GET /robots.txt HTTP/1.1" 315
[24/Feb/2023:23:09:41 +0100] 157.55.39.218 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 308
[24/Feb/2023:23:14:00 +0100] 170.64.133.118 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 383
[24/Feb/2023:23:23:08 +0100] 152.89.196.211 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[24/Feb/2023:23:32:24 +0100] 152.89.196.211 TLSv1.2 AES256-SHA "POST /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1" 331
[24/Feb/2023:23:33:25 +0100] 183.136.225.9 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 383
[24/Feb/2023:23:34:32 +0100] 183.136.225.9 TLSv1.2 AES256-SHA "GET /favicon.ico HTTP/1.1" 309
[24/Feb/2023:23:34:38 +0100] 152.89.196.211 TLSv1.2 AES256-SHA "GET /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1" 331
[24/Feb/2023:23:34:57 +0100] 183.136.225.9 TLSv1.2 AES256-SHA "GET /robots.txt HTTP/1.1" 308
[24/Feb/2023:23:39:04 +0100] 106.75.165.117 TLSv1.2 AES256-SHA "{\"method\":\"login\",\"params\":{\"login\":\"45JymPWP1DeQxxMZNJv9w2bTQ2WJDAmw18wUSryDQa3RPrympJPoUSVcFEDv3bhiMJGWaCD4a3KrFCorJHCMqXJUKApSKDV\",\"pass\":\"xxoo\",\"agent\":\"xmr-stak-cpu/1.3.0-1.5.0\"},\"id\":1}" 379
[24/Feb/2023:23:39:05 +0100] 106.75.165.117 TLSv1.2 AES256-SHA "{\"id\":1,\"method\":\"mining.subscribe\",\"params\":[]}" 379
[24/Feb/2023:23:39:06 +0100] 106.75.165.117 TLSv1.2 AES256-SHA "{\"params\": [\"miner1\", \"password\"], \"id\": 2, \"method\": \"mining.authorize\"}" 379
[24/Feb/2023:23:39:07 +0100] 106.75.165.117 TLSv1.2 AES256-SHA "{\"id\":1,\"jsonrpc\":\"2.0\",\"method\":\"login\",\"params\":{\"login\":\"blue1\",\"pass\":\"x\",\"agent\":\"Windows NT 6.1; Win64; x64\"}}" 379
[24/Feb/2023:23:39:09 +0100] 106.75.165.117 TLSv1.2 AES256-SHA "{\"params\": [\"miner1\", \"bf\", \"00000001\", \"504e86ed\", \"b2957c02\"], \"id\": 4, \"method\": \"mining.submit\"}" 379
[24/Feb/2023:23:39:10 +0100] 106.75.165.117 TLSv1.2 AES256-SHA "{\"id\":1,\"jsonrpc\":\"2.0\",\"method\":\"login\",\"params\":{\"login\":\"x\",\"pass\":\"null\",\"agent\":\"XMRig/5.13.1\",\"algo\":[\"cn/1\",\"cn/2\",\"cn/r\",\"cn/fast\",\"cn/half\",\"cn/xao\",\"cn/rto\",\"cn/rwz\",\"cn/zls\",\"cn/double\",\"rx/0\",\"rx/wow\",\"rx/loki\",\"rx/arq\",\"rx/sfx\",\"rx/keva\"]}}" 379
[24/Feb/2023:23:43:18 +0100] 208.100.26.235 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 298
[24/Feb/2023:23:54:36 +0100] 152.89.196.211 TLSv1.2 AES256-SHA "GET /index.php?s=/Index/\\think\\app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1][]=HelloThinkPHP21 HTTP/1.1" 390
[25/Feb/2023:00:18:30 +0100] 194.110.203.47 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /backup_17082022.zip HTTP/1.1" 405
[25/Feb/2023:00:22:39 +0100] 152.89.196.211 TLSv1.2 AES256-SHA "GET /?XDEBUG_SESSION_START=phpstorm HTTP/1.1" 327
[25/Feb/2023:00:37:59 +0100] 18.236.167.99 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 306
[25/Feb/2023:00:38:31 +0100] 34.215.93.85 TLSv1.2 AES256-SHA "GET /favicon.ico HTTP/1.1" 313
[25/Feb/2023:00:45:51 +0100] 152.89.196.211 TLSv1.2 AES256-SHA "POST /mifs/.;/services/LogService HTTP/1.1" 318
[25/Feb/2023:00:48:24 +0100] 165.22.225.219 TLSv1.2 AES256-SHA "GET /ab2g HTTP/1.1" 304
[25/Feb/2023:00:48:26 +0100] 165.22.225.219 TLSv1.2 AES256-SHA "GET /ab2h HTTP/1.1" 304
[25/Feb/2023:00:48:30 +0100] 165.22.225.219 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[25/Feb/2023:00:48:31 +0100] 165.22.225.219 TLSv1.2 AES256-SHA "GET /t4 HTTP/1.1" 302
[25/Feb/2023:00:57:02 +0100] 35.195.93.98 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 301