[17/Apr/2023:02:05:04 +0200] 51.15.251.143 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 377
[17/Apr/2023:03:57:14 +0200] 45.61.185.37 TLSv1.2 AES256-SHA "GET /sqlbuddy/login.php HTTP/1.1" 320
[17/Apr/2023:03:57:15 +0200] 45.61.185.37 TLSv1.2 AES256-SHA "GET /.git/config HTTP/1.1" 316
[17/Apr/2023:03:57:15 +0200] 45.61.185.37 TLSv1.2 AES256-SHA "GET /?a=fetch&content=<php>die(md5(cvbytigdfgfdg))</php> HTTP/1.1" 354
[17/Apr/2023:03:57:16 +0200] 45.61.185.37 TLSv1.2 AES256-SHA "POST /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1" 336
[17/Apr/2023:04:08:28 +0200] 35.86.185.220 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 301
[17/Apr/2023:05:19:54 +0200] 167.71.209.235 TLSv1.2 AES256-SHA "GET /ab2g HTTP/1.1" 304
[17/Apr/2023:05:19:56 +0200] 167.71.209.235 TLSv1.2 AES256-SHA "GET /ab2h HTTP/1.1" 304
[17/Apr/2023:05:20:05 +0200] 167.71.209.235 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[17/Apr/2023:05:20:07 +0200] 167.71.209.235 TLSv1.2 AES256-SHA "GET /t4 HTTP/1.1" 302
[17/Apr/2023:05:20:09 +0200] 167.71.209.235 TLSv1.2 AES256-SHA "GET /favicon.ico HTTP/1.1" 309
[17/Apr/2023:05:39:36 +0200] 193.106.29.122 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.0" 388
[17/Apr/2023:05:44:24 +0200] 162.243.140.44 TLSv1.2 AES256-SHA "GET /owa/auth/logon.aspx HTTP/1.1" 314
[17/Apr/2023:05:52:26 +0200] 198.199.111.75 TLSv1.2 AES256-SHA "GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.exporttool.application HTTP/1.1" 348
[17/Apr/2023:05:53:32 +0200] 162.243.140.44 TLSv1.2 AES256-SHA "GET /owa/auth/x.js HTTP/1.1" 310
[17/Apr/2023:06:08:59 +0200] 192.241.236.20 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[17/Apr/2023:06:17:49 +0200] 185.142.236.43 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 383
[17/Apr/2023:06:18:09 +0200] 185.142.236.43 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "" 379
[17/Apr/2023:06:18:10 +0200] 185.142.236.43 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "" 379
[17/Apr/2023:06:18:11 +0200] 185.142.236.43 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "" 379
[17/Apr/2023:06:18:14 +0200] 185.142.236.43 TLSv1.2 AES256-SHA "quit" 379
[17/Apr/2023:06:18:16 +0200] 185.142.236.43 TLSv1.2 AES256-SHA "GET /robots.txt HTTP/1.1" 393
[17/Apr/2023:06:18:18 +0200] 185.142.236.43 TLSv1.2 AES256-SHA "GET /sitemap.xml HTTP/1.1" 394
[17/Apr/2023:06:18:19 +0200] 185.142.236.43 TLSv1.2 AES256-SHA "GET /.well-known/security.txt HTTP/1.1" 407
[17/Apr/2023:06:18:21 +0200] 185.142.236.43 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /favicon.ico HTTP/1.1" 309
[17/Apr/2023:06:18:23 +0200] 185.142.236.43 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "" 379
[17/Apr/2023:06:51:43 +0200] 193.56.29.196 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 301
[17/Apr/2023:07:04:59 +0200] 51.15.195.246 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 400
[17/Apr/2023:07:27:15 +0200] 193.56.29.196 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 301
[17/Apr/2023:07:44:49 +0200] 176.113.115.51 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /api/v1" 394
[17/Apr/2023:08:53:16 +0200] 34.147.76.141 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "OPTIONS / HTTP/1.0" 383
[17/Apr/2023:08:53:45 +0200] 64.227.76.56 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[17/Apr/2023:10:58:32 +0200] 128.14.134.170 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[17/Apr/2023:11:24:16 +0200] 4.184.57.28 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 301
[17/Apr/2023:13:16:52 +0200] 87.236.176.41 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[17/Apr/2023:13:25:35 +0200] 65.49.20.69 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[17/Apr/2023:13:33:46 +0200] 65.49.20.69 TLSv1.2 AES256-SHA "GET /favicon.ico HTTP/1.1" 309
[17/Apr/2023:13:38:26 +0200] 65.49.20.69 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[17/Apr/2023:13:41:17 +0200] 65.49.20.69 TLSv1.2 AES256-SHA "GET /geoserver/web/ HTTP/1.1" 309
[17/Apr/2023:13:42:04 +0200] 65.49.20.69 TLSv1.2 AES256-SHA "GET /.git/config HTTP/1.1" 310
[17/Apr/2023:16:11:24 +0200] 142.93.233.136 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 383
[17/Apr/2023:16:11:37 +0200] 167.94.138.51 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[17/Apr/2023:16:11:37 +0200] 167.94.138.51 TLSv1.2 AES256-SHA "PRI * HTTP/2.0" 379
[17/Apr/2023:16:38:16 +0200] 45.79.181.251 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[17/Apr/2023:16:55:02 +0200] 20.100.168.244 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 301
[17/Apr/2023:17:25:23 +0200] 195.96.137.7 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.0" 388
[17/Apr/2023:17:25:23 +0200] 195.96.137.7 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "SSTP_DUPLEX_POST /sra_{BA195980-CD49-458b-9E23-C84EE0ADCD75}/ HTTP/1.1" 925
[17/Apr/2023:17:25:23 +0200] 195.96.137.7 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /u4Ra HTTP/1.1" 387
[17/Apr/2023:17:25:23 +0200] 195.96.137.7 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /scripts/WPnBr.dll HTTP/1.1" 400
[17/Apr/2023:17:25:23 +0200] 195.96.137.7 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /nmaplowercheck1681745090 HTTP/1.1" 407
[17/Apr/2023:17:25:23 +0200] 195.96.137.7 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 383
[17/Apr/2023:17:25:24 +0200] 195.96.137.7 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /menu.aspx HTTP/1.1" 392
[17/Apr/2023:17:25:24 +0200] 195.96.137.7 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /pools/default/buckets HTTP/1.1" 404
[17/Apr/2023:17:25:24 +0200] 195.96.137.7 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /CSS/Miniweb.css HTTP/1.1" 398
[17/Apr/2023:17:25:24 +0200] 195.96.137.7 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /HNAP1 HTTP/1.1" 388
[17/Apr/2023:17:25:24 +0200] 195.96.137.7 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /Portal0000.htm HTTP/1.1" 397
[17/Apr/2023:17:25:24 +0200] 195.96.137.7 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /Portal/Portal.mwsl HTTP/1.1" 401
[17/Apr/2023:17:25:24 +0200] 195.96.137.7 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /sdk HTTP/1.1" 386
[17/Apr/2023:17:25:24 +0200] 195.96.137.7 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "HEAD / HTTP/1.1" -
[17/Apr/2023:17:25:24 +0200] 195.96.137.7 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /pools HTTP/1.1" 388
[17/Apr/2023:17:25:24 +0200] 195.96.137.7 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /server-status HTTP/1.1" 396
[17/Apr/2023:17:25:24 +0200] 195.96.137.7 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /main.asp HTTP/1.1" 391
[17/Apr/2023:17:25:24 +0200] 195.96.137.7 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.git/HEAD HTTP/1.1" 392
[17/Apr/2023:17:25:24 +0200] 195.96.137.7 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /?=PHPE9568F36-D428-11d2-A769-00AA001ACF42 HTTP/1.1" 424
[17/Apr/2023:17:25:24 +0200] 195.96.137.7 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 383
[17/Apr/2023:17:25:24 +0200] 195.96.137.7 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /__Additional HTTP/1.1" 395
[17/Apr/2023:17:25:24 +0200] 195.96.137.7 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /docs/cplugError.html/ HTTP/1.1" 404
[17/Apr/2023:17:25:24 +0200] 195.96.137.7 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 383
[17/Apr/2023:17:25:24 +0200] 195.96.137.7 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.0" 388
[17/Apr/2023:17:25:24 +0200] 195.96.137.7 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /menu.cfm HTTP/1.1" 391
[17/Apr/2023:17:25:25 +0200] 195.96.137.7 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /?=PHPB8B5F2A0-3C92-11d3-A3A9-4C7B08C10000 HTTP/1.1" 424
[17/Apr/2023:17:25:25 +0200] 195.96.137.7 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /localstart.jsp HTTP/1.1" 397
[17/Apr/2023:17:25:25 +0200] 195.96.137.7 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /favicon.ico HTTP/1.1" 394
[17/Apr/2023:17:25:25 +0200] 195.96.137.7 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 383
[17/Apr/2023:17:25:25 +0200] 195.96.137.7 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /index.php HTTP/1.1" 392
[17/Apr/2023:17:25:25 +0200] 195.96.137.7 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /home.cfm HTTP/1.1" 391
[17/Apr/2023:17:25:26 +0200] 195.96.137.7 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /indice.pl HTTP/1.1" 392
[17/Apr/2023:17:25:26 +0200] 195.96.137.7 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /localstart.html HTTP/1.1" 398
[17/Apr/2023:17:25:26 +0200] 195.96.137.7 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /index.cfm HTTP/1.1" 392
[17/Apr/2023:17:25:27 +0200] 195.96.137.7 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /robots.txt HTTP/1.1" 393
[17/Apr/2023:17:25:27 +0200] 195.96.137.7 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /home.asp HTTP/1.1" 391
[17/Apr/2023:17:25:27 +0200] 195.96.137.7 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /readme.txt HTTP/1.1" 393
[17/Apr/2023:17:25:28 +0200] 195.96.137.7 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /admin.shtml HTTP/1.1" 394
[17/Apr/2023:17:25:28 +0200] 195.96.137.7 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /main.jsp HTTP/1.1" 391
[17/Apr/2023:17:25:28 +0200] 195.96.137.7 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /indice.jsp HTTP/1.1" 393
[17/Apr/2023:17:25:29 +0200] 195.96.137.7 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /index.cgi HTTP/1.1" 392
[17/Apr/2023:17:25:29 +0200] 195.96.137.7 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /default.jsa HTTP/1.1" 394
[17/Apr/2023:17:25:29 +0200] 195.96.137.7 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /indice.asp HTTP/1.1" 393
[17/Apr/2023:17:25:30 +0200] 195.96.137.7 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /admin.php HTTP/1.1" 392
[17/Apr/2023:17:25:30 +0200] 195.96.137.7 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /main.pl HTTP/1.1" 390
[17/Apr/2023:17:25:30 +0200] 195.96.137.7 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /menu.asp HTTP/1.1" 391
[17/Apr/2023:17:25:31 +0200] 195.96.137.7 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /admin.jsp HTTP/1.1" 392
[17/Apr/2023:17:25:31 +0200] 195.96.137.7 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /indice.jsa HTTP/1.1" 393
[17/Apr/2023:17:25:31 +0200] 195.96.137.7 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /base.html HTTP/1.1" 392
[17/Apr/2023:17:25:31 +0200] 195.96.137.7 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /admin.jhtml HTTP/1.1" 394
[17/Apr/2023:17:25:32 +0200] 195.96.137.7 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /base.asp HTTP/1.1" 391
[17/Apr/2023:17:25:32 +0200] 195.96.137.7 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /admin.cgi HTTP/1.1" 392
[17/Apr/2023:17:25:32 +0200] 195.96.137.7 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /home.pl HTTP/1.1" 390
[17/Apr/2023:17:25:33 +0200] 195.96.137.7 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /base.jhtml HTTP/1.1" 393
[17/Apr/2023:17:25:33 +0200] 195.96.137.7 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /home.aspx HTTP/1.1" 392
[17/Apr/2023:17:26:00 +0200] 195.96.137.7 - - "-" -
[17/Apr/2023:17:26:01 +0200] 195.96.137.7 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "-" -
[17/Apr/2023:19:09:48 +0200] 152.89.196.54 TLSv1.2 AES256-SHA "GET /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1" 331
[17/Apr/2023:19:53:29 +0200] 192.241.226.46 TLSv1.2 AES256-SHA "GET /autodiscover/autodiscover.json?@zdi/Powershell HTTP/1.1" 328
[17/Apr/2023:20:02:57 +0200] 152.89.196.54 TLSv1.2 AES256-SHA "GET /index.php?s=/Index/\\think\\app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1][]=HelloThinkPHP21 HTTP/1.1" 390
[17/Apr/2023:21:08:13 +0200] 45.61.185.37 TLSv1.2 AES256-SHA "GET /index.php?function=call_user_func_array&s=/Index/%9hink%7pp/invokefunction&vars[0]=md5&vars[1][]=HelloThinkPHP21 HTTP/1.1" 398
[17/Apr/2023:21:08:17 +0200] 45.61.185.37 TLSv1.2 AES256-SHA "GET /TP/public/index.php?function=call_user_func_array&s=index/\\think\\app/invokefunction&vars[0]=md5&vars[1][]=HelloThinkPHP21 HTTP/1.1" 402
[17/Apr/2023:21:08:20 +0200] 45.61.185.37 TLSv1.2 AES256-SHA "GET /index.php?function=call_user_func_array&s=index/%9hink%7pp/invokefunction&vars[0]=md5&vars[1][]=HelloThinkPHP21 HTTP/1.1" 396
[17/Apr/2023:21:12:52 +0200] 152.89.196.54 TLSv1.2 AES256-SHA "POST /mifs/.;/services/LogService HTTP/1.1" 318
[17/Apr/2023:22:04:53 +0200] 193.235.141.120 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 307
[17/Apr/2023:22:27:20 +0200] 34.67.136.168 TLSv1.2 AES256-SHA "-" -
[17/Apr/2023:22:34:04 +0200] 167.94.138.36 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 383
[17/Apr/2023:22:34:05 +0200] 167.94.138.36 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[17/Apr/2023:22:34:05 +0200] 167.94.138.36 TLSv1.2 AES256-SHA "PRI * HTTP/2.0" 379
[17/Apr/2023:22:58:16 +0200] 23.251.102.74 TLSv1.2 AES256-SHA "GET /Telerik.Web.UI.WebResource.axd?type=rau HTTP/1.1" 330
[17/Apr/2023:23:32:12 +0200] 34.220.205.3 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 307
[17/Apr/2023:23:32:42 +0200] 54.213.66.171 TLSv1.2 AES256-SHA "GET /favicon.ico HTTP/1.1" 314
[17/Apr/2023:23:40:31 +0200] 60.217.75.70 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[18/Apr/2023:00:06:56 +0200] 198.199.107.114 TLSv1.2 AES256-SHA "GET /owa/auth/logon.aspx?url=https%3a%2f%2f1%2fecp%2f HTTP/1.1" 335
[18/Apr/2023:00:25:14 +0200] 35.153.207.12 TLSv1.2 AES256-SHA "GET /.git/config HTTP/1.1" 310
[18/Apr/2023:00:51:21 +0200] 104.167.221.206 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 295
[18/Apr/2023:01:11:16 +0200] 35.153.207.12 TLSv1.2 AES256-SHA "GET /.git/config HTTP/1.1" 316
[18/Apr/2023:01:13:54 +0200] 35.153.207.12 TLSv1.2 AES256-SHA "GET /.git/config HTTP/1.1" 306
[18/Apr/2023:01:16:17 +0200] 34.79.57.245 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 301
[18/Apr/2023:01:42:35 +0200] 103.149.192.48 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301