[08/May/2023:02:31:40 +0200] 70.67.230.165 TLSv1.2 AES256-SHA "GET /manager/html HTTP/1.1" 308
[08/May/2023:02:31:43 +0200] 70.67.230.165 TLSv1.2 AES256-SHA "GET /users/sign_in HTTP/1.1" 311
[08/May/2023:03:30:11 +0200] 64.62.197.74 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[08/May/2023:03:37:13 +0200] 64.62.197.68 TLSv1.2 AES256-SHA "GET /favicon.ico HTTP/1.1" 309
[08/May/2023:03:39:05 +0200] 64.62.197.68 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[08/May/2023:03:40:31 +0200] 64.62.197.71 TLSv1.2 AES256-SHA "GET /geoserver/web/ HTTP/1.1" 309
[08/May/2023:03:40:45 +0200] 64.62.197.74 TLSv1.2 AES256-SHA "GET /.git/config HTTP/1.1" 310
[08/May/2023:05:01:07 +0200] 198.199.116.56 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[08/May/2023:05:06:42 +0200] 87.236.176.23 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 307
[08/May/2023:05:34:01 +0200] 35.92.159.107 TLSv1.2 AES256-SHA "GET /.hg/hgrc HTTP/1.1" 307
[08/May/2023:06:15:35 +0200] 5.182.5.161 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /login?redir=%2F" 405
[08/May/2023:07:08:27 +0200] 152.89.196.144 TLSv1.2 AES256-SHA "POST /mifs/.;/services/LogService HTTP/1.1" 318
[08/May/2023:07:18:51 +0200] 185.233.19.17 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 383
[08/May/2023:07:25:59 +0200] 193.106.29.122 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.0" 388
[08/May/2023:07:26:26 +0200] 18.209.102.192 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 301
[08/May/2023:08:15:30 +0200] 152.89.196.144 TLSv1.2 AES256-SHA "GET /console/ HTTP/1.1" 307
[08/May/2023:08:47:59 +0200] 34.65.46.100 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "OPTIONS / HTTP/1.0" 383
[08/May/2023:09:19:14 +0200] 35.92.159.107 TLSv1.2 AES256-SHA "GET /.git/config HTTP/1.1" 310
[08/May/2023:10:25:20 +0200] 20.100.168.244 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 301
[08/May/2023:10:33:32 +0200] 198.58.115.82 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[08/May/2023:11:05:21 +0200] 87.236.176.180 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[08/May/2023:11:07:27 +0200] 152.89.196.144 TLSv1.2 AES256-SHA "POST /Autodiscover/Autodiscover.xml HTTP/1.1" 315
[08/May/2023:11:29:55 +0200] 4.184.57.28 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 301
[08/May/2023:11:41:26 +0200] 152.89.196.144 TLSv1.2 AES256-SHA "GET /_ignition/execute-solution HTTP/1.1" 319
[08/May/2023:13:32:24 +0200] 46.60.81.212 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /agent/timeclock.php HTTP/1.1" 314
[08/May/2023:14:46:59 +0200] 152.89.196.144 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[08/May/2023:16:03:29 +0200] 198.199.111.75 TLSv1.2 AES256-SHA "GET /owa/auth/logon.aspx HTTP/1.1" 314
[08/May/2023:16:05:45 +0200] 107.170.242.13 TLSv1.2 AES256-SHA "GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.exporttool.application HTTP/1.1" 348
[08/May/2023:16:08:23 +0200] 198.199.92.121 TLSv1.2 AES256-SHA "GET /owa/auth/x.js HTTP/1.1" 310
[08/May/2023:16:17:56 +0200] 137.184.217.189 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 383
[08/May/2023:16:27:52 +0200] 152.89.196.144 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[08/May/2023:16:53:33 +0200] 167.94.138.124 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[08/May/2023:16:53:34 +0200] 167.94.138.124 TLSv1.2 AES256-SHA "PRI * HTTP/2.0" 379
[08/May/2023:17:12:00 +0200] 35.92.159.107 TLSv1.2 AES256-SHA "GET /.hg/hgrc HTTP/1.1" 307
[08/May/2023:18:06:16 +0200] 198.199.104.82 TLSv1.2 AES256-SHA "GET /autodiscover/autodiscover.json?@zdi/Powershell HTTP/1.1" 328
[08/May/2023:18:20:39 +0200] 106.75.165.117 TLSv1.2 AES256-SHA "{\"method\":\"login\",\"params\":{\"login\":\"45JymPWP1DeQxxMZNJv9w2bTQ2WJDAmw18wUSryDQa3RPrympJPoUSVcFEDv3bhiMJGWaCD4a3KrFCorJHCMqXJUKApSKDV\",\"pass\":\"xxoo\",\"agent\":\"xmr-stak-cpu/1.3.0-1.5.0\"},\"id\":1}" 379
[08/May/2023:18:20:40 +0200] 106.75.165.117 TLSv1.2 AES256-SHA "{\"id\":1,\"method\":\"mining.subscribe\",\"params\":[]}" 379
[08/May/2023:18:20:43 +0200] 106.75.165.117 TLSv1.2 AES256-SHA "{\"params\": [\"miner1\", \"password\"], \"id\": 2, \"method\": \"mining.authorize\"}" 379
[08/May/2023:18:20:44 +0200] 106.75.165.117 TLSv1.2 AES256-SHA "{\"id\":1,\"jsonrpc\":\"2.0\",\"method\":\"login\",\"params\":{\"login\":\"blue1\",\"pass\":\"x\",\"agent\":\"Windows NT 6.1; Win64; x64\"}}" 379
[08/May/2023:18:20:45 +0200] 106.75.165.117 TLSv1.2 AES256-SHA "{\"params\": [\"miner1\", \"bf\", \"00000001\", \"504e86ed\", \"b2957c02\"], \"id\": 4, \"method\": \"mining.submit\"}" 379
[08/May/2023:18:20:46 +0200] 106.75.165.117 TLSv1.2 AES256-SHA "{\"id\":1,\"jsonrpc\":\"2.0\",\"method\":\"login\",\"params\":{\"login\":\"x\",\"pass\":\"null\",\"agent\":\"XMRig/5.13.1\",\"algo\":[\"cn/1\",\"cn/2\",\"cn/r\",\"cn/fast\",\"cn/half\",\"cn/xao\",\"cn/rto\",\"cn/rwz\",\"cn/zls\",\"cn/double\",\"rx/0\",\"rx/wow\",\"rx/loki\",\"rx/arq\",\"rx/sfx\",\"rx/keva\"]}}" 379
[08/May/2023:18:50:49 +0200] 134.122.97.33 TLSv1.2 AES256-SHA "GET /ab2g HTTP/1.1" 304
[08/May/2023:18:50:49 +0200] 134.122.97.33 TLSv1.2 AES256-SHA "GET /ab2h HTTP/1.1" 304
[08/May/2023:18:50:50 +0200] 134.122.97.33 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[08/May/2023:18:50:50 +0200] 134.122.97.33 TLSv1.2 AES256-SHA "GET /t4 HTTP/1.1" 302
[08/May/2023:18:50:51 +0200] 134.122.97.33 TLSv1.2 AES256-SHA "GET /favicon.ico HTTP/1.1" 309
[08/May/2023:19:29:08 +0200] 152.89.196.144 TLSv1.2 AES256-SHA "POST /cgi-bin/.%2e/.%2e/.%2e/.%2e/bin/sh HTTP/1.1" 293
[08/May/2023:20:08:54 +0200] 162.142.125.216 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 383
[08/May/2023:20:08:55 +0200] 162.142.125.216 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[08/May/2023:20:08:55 +0200] 162.142.125.216 TLSv1.2 AES256-SHA "PRI * HTTP/2.0" 379
[08/May/2023:20:12:07 +0200] 35.92.159.107 TLSv1.2 AES256-SHA "GET /.svn/wc.db HTTP/1.1" 308
[08/May/2023:20:16:21 +0200] 3.74.230.44 TLSv1.2 AES256-SHA "GET /.git/config HTTP/1.1" 316
[08/May/2023:20:17:44 +0200] 107.170.232.11 TLSv1.2 AES256-SHA "GET /version HTTP/1.1" 305
[08/May/2023:20:39:24 +0200] 152.89.196.144 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[08/May/2023:21:10:17 +0200] 3.74.230.44 TLSv1.2 AES256-SHA "GET /.git/config HTTP/1.1" 304
[08/May/2023:21:33:49 +0200] 154.7.179.243 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /wp-admin/css/colors/blue/blue.php?wall=ZWNobyBhRHJpdjQ7ZXZhbCgkX1BPU1RbJ3Z6J10pOw== HTTP/1.1" 460
[08/May/2023:23:06:39 +0200] 172.105.128.11 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[08/May/2023:23:08:09 +0200] 209.38.252.47 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.git/config HTTP/1.1" 310
[08/May/2023:23:17:29 +0200] 138.197.36.171 TLSv1.2 AES256-SHA "GET /ab2g HTTP/1.1" 304
[08/May/2023:23:17:30 +0200] 138.197.36.171 TLSv1.2 AES256-SHA "GET /ab2h HTTP/1.1" 304
[08/May/2023:23:17:35 +0200] 138.197.36.171 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[08/May/2023:23:17:36 +0200] 138.197.36.171 TLSv1.2 AES256-SHA "GET /t4 HTTP/1.1" 302
[08/May/2023:23:17:39 +0200] 138.197.36.171 TLSv1.2 AES256-SHA "GET /favicon.ico HTTP/1.1" 309
[08/May/2023:23:33:11 +0200] 60.217.75.70 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[09/May/2023:00:26:00 +0200] 128.1.248.26 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[09/May/2023:01:06:13 +0200] 198.235.24.231 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 398
[09/May/2023:01:23:29 +0200] 35.240.121.17 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 301
[09/May/2023:01:58:21 +0200] 198.235.24.36 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 381