[19/Jul/2022:03:15:53 +0200] 65.49.20.68 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 383
[19/Jul/2022:03:20:31 +0200] 183.136.225.35 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 383
[19/Jul/2022:03:26:45 +0200] 65.49.20.124 TLSv1.2 AES256-SHA "GET /favicon.ico HTTP/1.1" 309
[19/Jul/2022:03:29:07 +0200] 65.49.20.88 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[19/Jul/2022:04:09:15 +0200] 192.241.216.46 TLSv1.2 AES256-SHA "GET /owa/auth/logon.aspx?url=https%3a%2f%2f1%2fecp%2f HTTP/1.1" 335
[19/Jul/2022:04:41:22 +0200] 209.141.57.178 TLSv1.2 AES256-SHA "-" -
[19/Jul/2022:04:50:35 +0200] 192.241.206.37 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[19/Jul/2022:05:16:51 +0200] 23.251.102.74 TLSv1.2 DHE-RSA-AES256-SHA256 "GET / HTTP/1.1" 301
[19/Jul/2022:05:28:41 +0200] 66.240.236.116 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[19/Jul/2022:05:51:35 +0200] 34.140.248.32 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 301
[19/Jul/2022:07:12:44 +0200] 205.210.31.161 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 377
[19/Jul/2022:07:28:27 +0200] 43.134.234.251 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[19/Jul/2022:07:42:33 +0200] 207.46.13.120 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 304
[19/Jul/2022:08:46:53 +0200] 97.89.144.44 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 307
[19/Jul/2022:10:18:00 +0200] 109.237.103.118 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.aws/credentials HTTP/1.1" 311
[19/Jul/2022:10:18:01 +0200] 109.237.103.118 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /.aws/credentials HTTP/1.1" 311
[19/Jul/2022:12:19:14 +0200] 109.237.103.38 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.env HTTP/1.1" 304
[19/Jul/2022:12:19:15 +0200] 109.237.103.38 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /.env HTTP/1.1" 304
[19/Jul/2022:12:19:15 +0200] 109.237.103.38 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.aws/credentials HTTP/1.1" 311
[19/Jul/2022:12:19:16 +0200] 109.237.103.38 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /.aws/credentials HTTP/1.1" 311
[19/Jul/2022:12:19:17 +0200] 109.237.103.38 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.aws/config HTTP/1.1" 310
[19/Jul/2022:12:19:18 +0200] 109.237.103.38 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /.aws/config HTTP/1.1" 310
[19/Jul/2022:12:19:18 +0200] 109.237.103.38 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /aws/credentials HTTP/1.1" 310
[19/Jul/2022:12:19:19 +0200] 109.237.103.38 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /aws/credentials HTTP/1.1" 310
[19/Jul/2022:12:19:19 +0200] 109.237.103.38 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /credentials HTTP/1.1" 308
[19/Jul/2022:12:19:19 +0200] 109.237.103.38 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /credentials HTTP/1.1" 308
[19/Jul/2022:12:19:20 +0200] 109.237.103.38 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.aws HTTP/1.1" 304
[19/Jul/2022:12:19:20 +0200] 109.237.103.38 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /.aws HTTP/1.1" 304
[19/Jul/2022:12:19:21 +0200] 109.237.103.38 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /public/.env HTTP/1.1" 309
[19/Jul/2022:12:19:21 +0200] 109.237.103.38 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /public/.env HTTP/1.1" 309
[19/Jul/2022:12:19:22 +0200] 109.237.103.38 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /public/.aws/credentials HTTP/1.1" 316
[19/Jul/2022:12:19:22 +0200] 109.237.103.38 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /public/.aws/credentials HTTP/1.1" 316
[19/Jul/2022:12:19:23 +0200] 109.237.103.38 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.aws/config HTTP/1.1" 310
[19/Jul/2022:12:19:23 +0200] 109.237.103.38 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /.aws/config HTTP/1.1" 310
[19/Jul/2022:12:19:24 +0200] 109.237.103.38 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /public/aws/credentials HTTP/1.1" 316
[19/Jul/2022:12:19:24 +0200] 109.237.103.38 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /public/aws/credentials HTTP/1.1" 316
[19/Jul/2022:12:19:25 +0200] 109.237.103.38 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /public/.aws HTTP/1.1" 309
[19/Jul/2022:12:19:25 +0200] 109.237.103.38 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /public/.aws HTTP/1.1" 309
[19/Jul/2022:12:44:13 +0200] 23.251.102.74 TLSv1.2 DHE-RSA-AES256-SHA256 "GET / HTTP/1.1" 301
[19/Jul/2022:12:44:22 +0200] 23.251.102.74 TLSv1.2 DHE-RSA-AES256-SHA256 "GET /showLogin.cc HTTP/1.1" 311
[19/Jul/2022:13:09:01 +0200] 104.206.128.66 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 383
[19/Jul/2022:13:27:06 +0200] 192.241.219.87 TLSv1.2 AES256-SHA "GET /owa/auth/x.js HTTP/1.1" 310
[19/Jul/2022:13:27:51 +0200] 192.241.222.24 TLSv1.2 AES256-SHA "GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.exporttool.application HTTP/1.1" 348
[19/Jul/2022:13:28:53 +0200] 192.241.221.14 TLSv1.2 AES256-SHA "GET /owa/auth/logon.aspx HTTP/1.1" 314
[19/Jul/2022:16:12:30 +0200] 185.7.214.104 TLSv1.2 AES256-SHA "-" -
[19/Jul/2022:16:12:43 +0200] 92.255.85.38 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /remote/fgt_lang?lang=/../../../..//////////dev/cmdb/sslvpn_websession HTTP/1.1" 452
[19/Jul/2022:16:35:24 +0200] 205.210.31.153 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 392
[19/Jul/2022:16:57:00 +0200] 179.43.155.171 TLSv1.2 AES256-SHA "GET /.aws/credentials HTTP/1.1" 311
[19/Jul/2022:17:17:10 +0200] 94.102.61.8 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[19/Jul/2022:18:59:59 +0200] 198.244.213.30 TLSv1.2 AES256-SHA "GET /invoker/readonly HTTP/1.1" 313
[19/Jul/2022:19:42:06 +0200] 180.149.125.163 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[19/Jul/2022:20:08:52 +0200] 185.7.214.104 TLSv1.2 AES256-SHA "GET /index.php?s=/Index/\\think\\app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1][]=HelloThinkPHP21 HTTP/1.1" 390
[19/Jul/2022:20:09:37 +0200] 185.142.236.41 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 383
[19/Jul/2022:20:09:49 +0200] 185.142.236.41 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "" 379
[19/Jul/2022:20:09:50 +0200] 185.142.236.41 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "" 379
[19/Jul/2022:20:09:54 +0200] 185.142.236.41 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "" 379
[19/Jul/2022:20:09:57 +0200] 185.142.236.41 TLSv1.2 AES256-SHA "quit" 379
[19/Jul/2022:20:10:02 +0200] 185.142.236.41 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /robots.txt HTTP/1.1" 393
[19/Jul/2022:20:10:03 +0200] 185.142.236.41 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /sitemap.xml HTTP/1.1" 394
[19/Jul/2022:20:10:05 +0200] 185.142.236.41 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.well-known/security.txt HTTP/1.1" 407
[19/Jul/2022:20:10:20 +0200] 185.142.236.41 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /favicon.ico HTTP/1.1" 309
[19/Jul/2022:20:10:23 +0200] 185.142.236.41 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "" 379
[19/Jul/2022:20:15:26 +0200] 207.46.13.120 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 304
[19/Jul/2022:20:44:16 +0200] 162.221.192.26 TLSv1.2 DHE-RSA-AES256-SHA256 "GET / HTTP/1.1" 301
[19/Jul/2022:20:57:23 +0200] 139.162.207.84 TLSv1.2 DHE-RSA-AES256-SHA256 "GET / HTTP/1.1" 301
[19/Jul/2022:21:31:40 +0200] 45.130.97.118 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.env HTTP/1.1" 304
[19/Jul/2022:21:38:39 +0200] 83.136.32.58 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "HEAD / HTTP/1.0" -
[19/Jul/2022:21:39:44 +0200] 91.198.115.10 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 383
[19/Jul/2022:22:16:11 +0200] 185.7.214.104 TLSv1.2 AES256-SHA "GET /?XDEBUG_SESSION_START=phpstorm HTTP/1.1" 327
[19/Jul/2022:23:05:38 +0200] 185.180.143.7 TLSv1.2 DHE-RSA-AES256-SHA256 "GET / HTTP/1.1" 301
[19/Jul/2022:23:59:07 +0200] 45.95.147.28 - - "-" -
[20/Jul/2022:00:00:31 +0200] 45.95.147.29 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 301
[20/Jul/2022:00:00:31 +0200] 45.95.147.29 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /sssss HTTP/1.1" 303
[20/Jul/2022:00:07:59 +0200] 185.83.144.103 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /credentials/.env HTTP/1.1" 317
[20/Jul/2022:00:07:59 +0200] 185.83.144.103 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /credentials/.env HTTP/1.1" 317
[20/Jul/2022:01:06:29 +0200] 185.220.101.184 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[20/Jul/2022:01:08:10 +0200] 103.203.57.10 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 383
[20/Jul/2022:01:38:55 +0200] 191.232.38.25 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /mgmt/tm/util/bash HTTP/1.1" 400
[20/Jul/2022:01:39:24 +0200] 185.83.146.154 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /xampp/phpinfo.php HTTP/1.1" 319
[20/Jul/2022:01:39:25 +0200] 185.83.146.154 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /xampp/phpinfo.php HTTP/1.1" 319
[20/Jul/2022:01:54:46 +0200] 35.167.27.234 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 306
[20/Jul/2022:01:55:10 +0200] 54.200.14.157 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 306
[20/Jul/2022:01:59:12 +0200] 18.237.206.31 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 306
[20/Jul/2022:01:59:30 +0200] 35.165.140.239 TLSv1.2 AES256-SHA "GET /favicon.ico HTTP/1.1" 313
[20/Jul/2022:01:59:33 +0200] 35.165.140.239 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 306