[14/Sep/2022:03:01:35 +0200] 128.14.133.58 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[14/Sep/2022:04:19:39 +0200] 111.13.63.67 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[14/Sep/2022:04:20:27 +0200] 128.1.248.26 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[14/Sep/2022:05:04:07 +0200] 181.214.218.69 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 301
[14/Sep/2022:05:10:18 +0200] 66.240.236.116 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[14/Sep/2022:05:33:43 +0200] 192.241.219.87 TLSv1.2 AES256-SHA "GET /owa/auth/logon.aspx?url=https%3a%2f%2f1%2fecp%2f HTTP/1.1" 335
[14/Sep/2022:06:08:11 +0200] 193.106.29.122 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.0" 388
[14/Sep/2022:06:26:46 +0200] 185.180.143.137 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[14/Sep/2022:06:47:40 +0200] 185.189.182.234 TLSv1.2 AES256-SHA "GET /vI7f HTTP/1.1" 379
[14/Sep/2022:06:50:19 +0200] 192.241.219.148 TLSv1.2 AES256-SHA "GET /ReportServer HTTP/1.1" 307
[14/Sep/2022:07:04:06 +0200] 192.241.208.78 TLSv1.2 AES256-SHA "GET /login HTTP/1.1" 305
[14/Sep/2022:07:44:39 +0200] 94.102.61.8 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 301
[14/Sep/2022:07:45:37 +0200] 183.136.225.35 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 383
[14/Sep/2022:07:46:08 +0200] 183.136.225.35 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[14/Sep/2022:07:46:29 +0200] 183.136.225.35 TLSv1.2 AES256-SHA "GET /favicon.ico HTTP/1.1" 309
[14/Sep/2022:07:47:10 +0200] 183.136.225.35 TLSv1.2 AES256-SHA "GET /robots.txt HTTP/1.1" 308
[14/Sep/2022:07:47:41 +0200] 152.89.196.23 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /remote/fgt_lang?lang=/../../../..//////////dev/cmdb/sslvpn_websession HTTP/1.1" 452
[14/Sep/2022:07:51:04 +0200] 94.102.61.8 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 301
[14/Sep/2022:08:43:17 +0200] 205.210.31.170 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 385
[14/Sep/2022:09:17:10 +0200] 192.241.221.35 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[14/Sep/2022:09:29:21 +0200] 68.183.2.35 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[14/Sep/2022:09:52:37 +0200] 152.89.196.211 TLSv1.2 AES256-SHA "GET /?XDEBUG_SESSION_START=phpstorm HTTP/1.1" 327
[14/Sep/2022:10:01:06 +0200] 172.105.189.111 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[14/Sep/2022:10:43:52 +0200] 54.176.65.96 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 301
[14/Sep/2022:10:44:45 +0200] 54.176.72.237 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 301
[14/Sep/2022:11:12:43 +0200] 45.83.64.72 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 293
[14/Sep/2022:11:12:43 +0200] 45.83.66.45 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /favicon.ico HTTP/1.1" 293
[14/Sep/2022:11:47:27 +0200] 152.89.196.211 TLSv1.2 AES256-SHA "GET /actuator/gateway/routes HTTP/1.1" 315
[14/Sep/2022:12:38:17 +0200] 157.55.39.210 TLSv1.2 AES256-SHA "GET /robots.txt HTTP/1.1" 314
[14/Sep/2022:12:38:19 +0200] 157.55.39.210 TLSv1.2 AES256-SHA "GET /robots.txt HTTP/1.1" 314
[14/Sep/2022:12:38:30 +0200] 157.55.39.151 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 307
[14/Sep/2022:14:24:12 +0200] 167.248.133.45 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 383
[14/Sep/2022:14:24:13 +0200] 167.248.133.45 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[14/Sep/2022:14:24:13 +0200] 167.248.133.45 TLSv1.2 AES256-SHA "PRI * HTTP/2.0" 379
[14/Sep/2022:14:30:44 +0200] 128.14.209.162 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[14/Sep/2022:14:42:42 +0200] 65.49.20.66 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 383
[14/Sep/2022:14:49:22 +0200] 65.49.20.66 TLSv1.2 AES256-SHA "GET /favicon.ico HTTP/1.1" 309
[14/Sep/2022:14:51:41 +0200] 65.49.20.126 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[14/Sep/2022:15:26:21 +0200] 192.241.205.223 TLSv1.2 AES256-SHA "GET /owa/auth/logon.aspx HTTP/1.1" 314
[14/Sep/2022:15:27:34 +0200] 192.241.194.198 TLSv1.2 AES256-SHA "GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.exporttool.application HTTP/1.1" 348
[14/Sep/2022:15:31:05 +0200] 192.241.196.214 TLSv1.2 AES256-SHA "GET /owa/auth/x.js HTTP/1.1" 310
[14/Sep/2022:15:37:23 +0200] 185.225.73.174 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.env HTTP/1.1" 304
[14/Sep/2022:15:37:24 +0200] 185.225.73.174 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST / HTTP/1.1" 301
[14/Sep/2022:16:22:21 +0200] 162.142.125.121 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[14/Sep/2022:16:22:21 +0200] 162.142.125.121 TLSv1.2 AES256-SHA "PRI * HTTP/2.0" 379
[14/Sep/2022:17:30:24 +0200] 43.131.66.209 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 500
[14/Sep/2022:17:30:44 +0200] 205.185.121.69 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 307
[14/Sep/2022:17:30:49 +0200] 8.45.47.67 TLSv1.2 AES256-SHA "GET /favicon.ico HTTP/1.1" 314
[14/Sep/2022:17:30:50 +0200] 209.141.35.128 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[14/Sep/2022:17:30:55 +0200] 209.141.49.169 TLSv1.2 AES256-SHA "GET /favicon.ico HTTP/1.1" 309
[14/Sep/2022:17:30:59 +0200] 205.185.122.184 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 297
[14/Sep/2022:17:31:05 +0200] 209.141.55.120 TLSv1.2 AES256-SHA "GET /favicon.ico HTTP/1.1" 305
[14/Sep/2022:17:40:27 +0200] 185.180.143.72 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[14/Sep/2022:19:40:46 +0200] 137.226.113.44 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 308
[14/Sep/2022:19:46:52 +0200] 192.241.209.42 TLSv1.2 AES256-SHA "GET /actuator/health HTTP/1.1" 310
[14/Sep/2022:20:05:52 +0200] 185.83.146.154 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.env HTTP/1.1" 310
[14/Sep/2022:20:05:53 +0200] 185.83.146.154 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /.env HTTP/1.1" 310
[14/Sep/2022:20:05:55 +0200] 185.83.146.154 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.aws/credentials HTTP/1.1" 317
[14/Sep/2022:20:05:56 +0200] 185.83.146.154 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /.aws/credentials HTTP/1.1" 317
[14/Sep/2022:20:05:58 +0200] 185.83.146.154 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.aws/config HTTP/1.1" 315
[14/Sep/2022:20:06:00 +0200] 185.83.146.154 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /.aws/config HTTP/1.1" 315
[14/Sep/2022:20:06:01 +0200] 185.83.146.154 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /aws/credentials HTTP/1.1" 316
[14/Sep/2022:20:06:03 +0200] 185.83.146.154 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /aws/credentials HTTP/1.1" 316
[14/Sep/2022:20:06:04 +0200] 185.83.146.154 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /credentials HTTP/1.1" 314
[14/Sep/2022:20:06:06 +0200] 185.83.146.154 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /credentials HTTP/1.1" 314
[14/Sep/2022:20:06:08 +0200] 185.83.146.154 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /test.php HTTP/1.1" 312
[14/Sep/2022:20:06:10 +0200] 185.83.146.154 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /test.php HTTP/1.1" 312
[14/Sep/2022:20:06:12 +0200] 185.83.146.154 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /laravel/.env HTTP/1.1" 315
[14/Sep/2022:20:06:13 +0200] 185.83.146.154 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /laravel/.env HTTP/1.1" 315
[14/Sep/2022:20:06:15 +0200] 185.83.146.154 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /demo/.env HTTP/1.1" 313
[14/Sep/2022:20:06:17 +0200] 185.83.146.154 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /demo/.env HTTP/1.1" 313
[14/Sep/2022:20:06:19 +0200] 185.83.146.154 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /web/.env HTTP/1.1" 312
[14/Sep/2022:20:06:22 +0200] 185.83.146.154 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /web/.env HTTP/1.1" 312
[14/Sep/2022:20:45:05 +0200] 51.159.164.227 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "HEAD / HTTP/1.1" -
[14/Sep/2022:20:45:05 +0200] 51.159.164.227 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "HEAD / HTTP/1.1" -
[14/Sep/2022:20:45:06 +0200] 51.159.164.227 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 383
[14/Sep/2022:20:45:06 +0200] 51.159.164.227 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /favicon.ico HTTP/1.1" 394
[14/Sep/2022:21:26:44 +0200] 45.134.144.228 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET //a2billing/customer/templates/default/footer.tpl HTTP/1.1" 333
[14/Sep/2022:23:28:18 +0200] 183.136.225.35 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 383
[14/Sep/2022:23:28:24 +0200] 205.210.31.45 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 380
[14/Sep/2022:23:28:54 +0200] 183.136.225.35 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[14/Sep/2022:23:29:15 +0200] 183.136.225.35 TLSv1.2 AES256-SHA "GET /favicon.ico HTTP/1.1" 309
[14/Sep/2022:23:29:56 +0200] 183.136.225.35 TLSv1.2 AES256-SHA "GET /robots.txt HTTP/1.1" 308
[14/Sep/2022:23:33:23 +0200] 188.166.147.46 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 383
[14/Sep/2022:23:33:24 +0200] 188.166.147.46 TLSv1.2 AES256-SHA "GET /?rest_route=/wp/v2/users/ HTTP/1.1" 317
[14/Sep/2022:23:33:24 +0200] 188.166.147.46 TLSv1.2 AES256-SHA "GET /.env HTTP/1.1" 304
[14/Sep/2022:23:33:24 +0200] 188.166.147.46 TLSv1.2 AES256-SHA "GET /.git/config HTTP/1.1" 310
[14/Sep/2022:23:33:24 +0200] 188.166.147.46 TLSv1.2 AES256-SHA "GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.exporttool.application HTTP/1.1" 348
[14/Sep/2022:23:33:24 +0200] 188.166.147.46 TLSv1.2 AES256-SHA "GET /debug/default/view?panel=config HTTP/1.1" 325
[14/Sep/2022:23:33:24 +0200] 188.166.147.46 TLSv1.2 AES256-SHA "GET /info.php HTTP/1.1" 307
[14/Sep/2022:23:33:24 +0200] 188.166.147.46 TLSv1.2 AES256-SHA "GET /telescope/requests HTTP/1.1" 311
[14/Sep/2022:23:33:24 +0200] 188.166.147.46 TLSv1.2 AES256-SHA "GET /s/38362e35392e3131332e313032/_/;/META-INF/maven/com.atlassian.jira/jira-webapp-dist/pom.properties HTTP/1.1" 366
[14/Sep/2022:23:33:24 +0200] 188.166.147.46 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 383
[14/Sep/2022:23:33:24 +0200] 188.166.147.46 TLSv1.2 AES256-SHA "GET /.DS_Store HTTP/1.1" 307
[14/Sep/2022:23:33:24 +0200] 188.166.147.46 TLSv1.2 AES256-SHA "GET /config.json HTTP/1.1" 311
[14/Sep/2022:23:33:24 +0200] 188.166.147.46 TLSv1.2 AES256-SHA "GET /server-status HTTP/1.1" 308
[14/Sep/2022:23:33:25 +0200] 188.166.147.46 TLSv1.2 AES256-SHA "GET /v2/_catalog HTTP/1.1" 310
[14/Sep/2022:23:33:25 +0200] 188.166.147.46 TLSv1.2 AES256-SHA "GET /about HTTP/1.1" 305
[14/Sep/2022:23:33:25 +0200] 188.166.147.46 TLSv1.2 AES256-SHA "GET /api/search?folderIds=0 HTTP/1.1" 316
[14/Sep/2022:23:33:25 +0200] 188.166.147.46 TLSv1.2 AES256-SHA "GET /login.action HTTP/1.1" 311
[14/Sep/2022:23:35:19 +0200] 106.75.130.83 TLSv1.2 AES256-SHA "{\"method\":\"login\",\"params\":{\"login\":\"45JymPWP1DeQxxMZNJv9w2bTQ2WJDAmw18wUSryDQa3RPrympJPoUSVcFEDv3bhiMJGWaCD4a3KrFCorJHCMqXJUKApSKDV\",\"pass\":\"xxoo\",\"agent\":\"xmr-stak-cpu/1.3.0-1.5.0\"},\"id\":1}" 379
[14/Sep/2022:23:35:20 +0200] 106.75.130.83 TLSv1.2 AES256-SHA "{\"id\":1,\"method\":\"mining.subscribe\",\"params\":[]}" 379
[14/Sep/2022:23:35:21 +0200] 106.75.130.83 TLSv1.2 AES256-SHA "{\"params\": [\"miner1\", \"password\"], \"id\": 2, \"method\": \"mining.authorize\"}" 379
[14/Sep/2022:23:35:23 +0200] 106.75.130.83 TLSv1.2 AES256-SHA "{\"id\":1,\"jsonrpc\":\"2.0\",\"method\":\"login\",\"params\":{\"login\":\"blue1\",\"pass\":\"x\",\"agent\":\"Windows NT 6.1; Win64; x64\"}}" 379
[14/Sep/2022:23:35:24 +0200] 106.75.130.83 TLSv1.2 AES256-SHA "{\"params\": [\"miner1\", \"bf\", \"00000001\", \"504e86ed\", \"b2957c02\"], \"id\": 4, \"method\": \"mining.submit\"}" 379
[14/Sep/2022:23:35:25 +0200] 106.75.130.83 TLSv1.2 AES256-SHA "{\"id\":1,\"jsonrpc\":\"2.0\",\"method\":\"login\",\"params\":{\"login\":\"x\",\"pass\":\"null\",\"agent\":\"XMRig/5.13.1\",\"algo\":[\"cn/1\",\"cn/2\",\"cn/r\",\"cn/fast\",\"cn/half\",\"cn/xao\",\"cn/rto\",\"cn/rwz\",\"cn/zls\",\"cn/double\",\"rx/0\",\"rx/wow\",\"rx/loki\",\"rx/arq\",\"rx/sfx\",\"rx/keva\"]}}" 379
[14/Sep/2022:23:41:32 +0200] 88.214.43.118 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /phpinf0.php HTTP/1.1" 303
[14/Sep/2022:23:41:33 +0200] 88.214.43.118 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /phpinf0.php HTTP/1.1" 303
[14/Sep/2022:23:55:36 +0200] 205.210.31.56 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 380
[15/Sep/2022:00:07:36 +0200] 198.235.24.141 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 380
[15/Sep/2022:00:21:47 +0200] 162.142.125.222 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 383
[15/Sep/2022:00:21:47 +0200] 162.142.125.222 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[15/Sep/2022:00:21:48 +0200] 162.142.125.222 TLSv1.2 AES256-SHA "PRI * HTTP/2.0" 379
[15/Sep/2022:00:38:59 +0200] 198.235.24.47 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 380
[15/Sep/2022:00:50:08 +0200] 152.89.196.23 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /remote/fgt_lang?lang=/../../../..//////////dev/cmdb/sslvpn_websession HTTP/1.1" 452
[15/Sep/2022:00:58:07 +0200] 35.233.62.116 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 301
[15/Sep/2022:01:09:19 +0200] 185.83.144.103 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.aws/config.php HTTP/1.1" 318
[15/Sep/2022:01:09:21 +0200] 185.83.144.103 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /.aws/config.php HTTP/1.1" 318
[15/Sep/2022:01:19:40 +0200] 137.184.119.122 TLSv1.2 AES256-SHA "GET /ab2g HTTP/1.1" 304