[23/Sep/2022:02:12:19 +0200] 128.199.44.251 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 383 [23/Sep/2022:03:18:30 +0200] 65.49.20.67 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 383 [23/Sep/2022:03:25:06 +0200] 65.49.20.67 TLSv1.2 AES256-SHA "GET /favicon.ico HTTP/1.1" 309 [23/Sep/2022:03:28:01 +0200] 65.49.20.71 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301 [23/Sep/2022:03:40:16 +0200] 193.46.255.199 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /Electron/download/windows/\\Windows\\win.ini HTTP/1.0" 423 [23/Sep/2022:04:48:06 +0200] 193.118.53.210 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301 [23/Sep/2022:05:10:25 +0200] 154.209.125.69 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 383 [23/Sep/2022:05:54:00 +0200] 192.241.220.212 TLSv1.2 AES256-SHA "GET /owa/auth/logon.aspx?url=https%3a%2f%2f1%2fecp%2f HTTP/1.1" 335 [23/Sep/2022:06:21:42 +0200] 185.142.236.41 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 383 [23/Sep/2022:06:22:08 +0200] 185.142.236.41 - - "-" - [23/Sep/2022:06:22:30 +0200] 185.142.236.41 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "" 379 [23/Sep/2022:06:22:34 +0200] 185.142.236.41 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "" 379 [23/Sep/2022:06:22:34 +0200] 185.142.236.41 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "" 379 [23/Sep/2022:06:22:42 +0200] 185.142.236.41 TLSv1.2 AES256-SHA "quit" 379 [23/Sep/2022:06:22:43 +0200] 185.142.236.41 TLSv1.2 AES256-SHA "GET /robots.txt HTTP/1.1" 393 [23/Sep/2022:06:22:44 +0200] 185.142.236.41 TLSv1.2 AES256-SHA "GET /sitemap.xml HTTP/1.1" 394 [23/Sep/2022:06:22:47 +0200] 185.142.236.41 TLSv1.2 AES256-SHA "GET /.well-known/security.txt HTTP/1.1" 407 [23/Sep/2022:06:22:48 +0200] 185.142.236.41 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /favicon.ico HTTP/1.1" 309 [23/Sep/2022:06:22:49 +0200] 185.142.236.41 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "" 379 [23/Sep/2022:06:40:42 +0200] 139.162.222.29 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 301 [23/Sep/2022:07:38:05 +0200] 143.198.146.206 TLSv1.2 AES256-SHA "GET /ab2g HTTP/1.1" 304 [23/Sep/2022:07:38:07 +0200] 143.198.146.206 TLSv1.2 AES256-SHA "GET /ab2h HTTP/1.1" 304 [23/Sep/2022:07:38:13 +0200] 143.198.146.206 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301 [23/Sep/2022:08:41:14 +0200] 193.106.29.122 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.0" 388 [23/Sep/2022:09:13:44 +0200] 128.14.133.58 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301 [23/Sep/2022:09:13:54 +0200] 128.14.133.58 TLSv1.2 AES256-SHA "HEAD /icons/sphere1.png HTTP/1.1" - [23/Sep/2022:09:41:15 +0200] 192.241.220.223 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301 [23/Sep/2022:09:54:05 +0200] 65.21.246.232 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /wp-content/themes/seotheme/mar.php HTTP/1.1" 315 [23/Sep/2022:09:54:16 +0200] 65.21.246.232 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /wp-includes/shell20211028.php HTTP/1.1" 316 [23/Sep/2022:09:54:32 +0200] 65.21.246.232 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /1index.php HTTP/1.1" 302 [23/Sep/2022:09:54:47 +0200] 65.21.246.232 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /shell4.php HTTP/1.1" 302 [23/Sep/2022:09:55:08 +0200] 65.21.246.232 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /ru.php HTTP/1.1" 299 [23/Sep/2022:09:55:18 +0200] 65.21.246.232 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /saudi.php HTTP/1.1" 301 [23/Sep/2022:10:06:33 +0200] 162.142.125.121 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301 [23/Sep/2022:10:06:34 +0200] 162.142.125.121 TLSv1.2 AES256-SHA "PRI * HTTP/2.0" 379 [23/Sep/2022:10:06:41 +0200] 66.249.64.112 TLSv1.2 AES256-SHA "GET /robots.txt HTTP/1.1" 308 [23/Sep/2022:10:06:42 +0200] 66.249.64.112 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301 [23/Sep/2022:10:30:12 +0200] 113.243.161.0 TLSv1.2 AES256-SHA "GET / HTTP/1.0" 388 [23/Sep/2022:10:30:13 +0200] 113.243.161.0 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301 [23/Sep/2022:11:15:42 +0200] 94.102.61.8 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301 [23/Sep/2022:11:19:23 +0200] 150.239.77.118 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301 [23/Sep/2022:11:19:24 +0200] 150.239.77.118 TLSv1.2 AES256-SHA "GET /version HTTP/1.1" 305 [23/Sep/2022:11:19:25 +0200] 150.239.77.118 TLSv1.2 AES256-SHA "GET /pods HTTP/1.1" 304 [23/Sep/2022:11:51:59 +0200] 183.136.225.35 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 383 [23/Sep/2022:11:55:27 +0200] 183.136.225.35 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301 [23/Sep/2022:11:55:52 +0200] 183.136.225.35 TLSv1.2 AES256-SHA "GET /favicon.ico HTTP/1.1" 309 [23/Sep/2022:11:56:14 +0200] 183.136.225.35 TLSv1.2 AES256-SHA "GET /robots.txt HTTP/1.1" 308 [23/Sep/2022:11:59:08 +0200] 152.89.196.23 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /remote/fgt_lang?lang=/../../../..//////////dev/cmdb/sslvpn_websession HTTP/1.1" 452 [23/Sep/2022:12:43:08 +0200] 152.89.196.211 TLSv1.2 AES256-SHA "GET /?XDEBUG_SESSION_START=phpstorm HTTP/1.1" 327 [23/Sep/2022:13:19:42 +0200] 51.103.85.121 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.env HTTP/1.1" 304 [23/Sep/2022:13:19:43 +0200] 51.103.85.121 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST / HTTP/1.1" 301 [23/Sep/2022:13:57:31 +0200] 154.209.125.69 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 383 [23/Sep/2022:14:07:19 +0200] 152.89.196.211 TLSv1.2 AES256-SHA "GET /actuator/gateway/routes HTTP/1.1" 315 [23/Sep/2022:14:25:20 +0200] 139.162.222.29 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 301 [23/Sep/2022:14:25:26 +0200] 192.241.192.196 TLSv1.2 AES256-SHA "GET /owa/auth/logon.aspx HTTP/1.1" 314 [23/Sep/2022:14:27:24 +0200] 192.241.205.223 TLSv1.2 AES256-SHA "GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.exporttool.application HTTP/1.1" 348 [23/Sep/2022:14:29:14 +0200] 192.241.192.196 TLSv1.2 AES256-SHA "GET /owa/auth/x.js HTTP/1.1" 310 [23/Sep/2022:15:17:16 +0200] 192.241.219.60 TLSv1.2 AES256-SHA "GET /version HTTP/1.1" 305 [23/Sep/2022:15:36:26 +0200] 65.21.246.232 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /wp-content/themes/seotheme/mar.php HTTP/1.1" 317 [23/Sep/2022:15:36:42 +0200] 65.21.246.232 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /wp-includes/shell20211028.php HTTP/1.1" 317 [23/Sep/2022:15:37:01 +0200] 65.21.246.232 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /1index.php HTTP/1.1" 305 [23/Sep/2022:15:37:23 +0200] 65.21.246.232 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /shell4.php HTTP/1.1" 304 [23/Sep/2022:15:37:39 +0200] 65.21.246.232 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /ru.php HTTP/1.1" 302 [23/Sep/2022:15:37:59 +0200] 65.21.246.232 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /saudi.php HTTP/1.1" 304 [23/Sep/2022:17:01:33 +0200] 167.94.138.44 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301 [23/Sep/2022:17:01:34 +0200] 167.94.138.44 TLSv1.2 AES256-SHA "PRI * HTTP/2.0" 379 [23/Sep/2022:18:11:17 +0200] 193.118.53.194 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301 [23/Sep/2022:18:59:00 +0200] 66.43.6.212 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 308 [23/Sep/2022:19:30:04 +0200] 65.21.246.232 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /wp-content/themes/seotheme/mar.php HTTP/1.1" 320 [23/Sep/2022:19:30:15 +0200] 65.21.246.232 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /wp-includes/shell20211028.php HTTP/1.1" 321 [23/Sep/2022:19:30:32 +0200] 65.21.246.232 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /1index.php HTTP/1.1" 308 [23/Sep/2022:19:30:41 +0200] 65.21.246.232 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /shell4.php HTTP/1.1" 308 [23/Sep/2022:19:30:55 +0200] 65.21.246.232 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /ru.php HTTP/1.1" 305 [23/Sep/2022:19:31:05 +0200] 65.21.246.232 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /saudi.php HTTP/1.1" 307 [23/Sep/2022:19:37:34 +0200] 65.21.246.232 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /wp-content/themes/seotheme/mar.php HTTP/1.1" 327 [23/Sep/2022:19:37:44 +0200] 65.21.246.232 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /wp-includes/shell20211028.php HTTP/1.1" 328 [23/Sep/2022:19:37:58 +0200] 65.21.246.232 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /1index.php HTTP/1.1" 314 [23/Sep/2022:19:38:14 +0200] 65.21.246.232 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /shell4.php HTTP/1.1" 314 [23/Sep/2022:19:38:29 +0200] 65.21.246.232 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /ru.php HTTP/1.1" 312 [23/Sep/2022:19:38:48 +0200] 65.21.246.232 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /saudi.php HTTP/1.1" 313 [23/Sep/2022:19:41:00 +0200] 143.198.146.206 TLSv1.2 AES256-SHA "GET /ab2h HTTP/1.1" 304 [23/Sep/2022:19:41:06 +0200] 143.198.146.206 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301 [23/Sep/2022:20:02:16 +0200] 23.251.102.74 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301 [23/Sep/2022:20:19:34 +0200] 205.210.31.146 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 385 [23/Sep/2022:20:50:28 +0200] 41.79.234.173 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /admin/config.php HTTP/1.0" 393 [23/Sep/2022:20:53:52 +0200] 167.94.138.45 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 383 [23/Sep/2022:20:53:52 +0200] 167.94.138.45 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301 [23/Sep/2022:20:53:53 +0200] 167.94.138.45 TLSv1.2 AES256-SHA "PRI * HTTP/2.0" 379 [23/Sep/2022:20:54:03 +0200] 152.89.196.23 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /remote/fgt_lang?lang=/../../../..//////////dev/cmdb/sslvpn_websession HTTP/1.1" 452 [23/Sep/2022:22:12:18 +0200] 87.236.176.127 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301 [23/Sep/2022:22:23:34 +0200] 100.26.232.66 TLSv1.2 AES256-SHA "GET /s3cmd.ini HTTP/1.1" 308 [23/Sep/2022:23:00:17 +0200] 60.217.75.70 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301 [23/Sep/2022:23:24:51 +0200] 60.217.75.70 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301 [23/Sep/2022:23:53:45 +0200] 179.43.155.171 TLSv1.2 AES256-SHA "GET /explore HTTP/1.1" 306 [24/Sep/2022:01:01:59 +0200] 34.78.6.216 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 301 [24/Sep/2022:01:34:40 +0200] 35.91.154.114 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 306 [24/Sep/2022:01:35:03 +0200] 34.214.58.253 TLSv1.2 AES256-SHA "GET /favicon.ico HTTP/1.1" 313