[01/Oct/2022:02:56:21 +0200] 162.62.191.231 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 500
[01/Oct/2022:03:18:26 +0200] 178.62.197.136 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[01/Oct/2022:03:44:05 +0200] 198.12.252.125 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /db_backup.sql.gz HTTP/1.1" 402
[01/Oct/2022:03:48:33 +0200] 152.89.196.23 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /remote/fgt_lang?lang=/../../../..//////////dev/cmdb/sslvpn_websession HTTP/1.1" 452
[01/Oct/2022:04:00:11 +0200] 152.89.196.211 TLSv1.2 AES256-SHA "GET /?XDEBUG_SESSION_START=phpstorm HTTP/1.1" 327
[01/Oct/2022:04:31:40 +0200] 217.146.82.142 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 383
[01/Oct/2022:04:57:47 +0200] 192.241.220.62 TLSv1.2 AES256-SHA "GET /owa/auth/logon.aspx HTTP/1.1" 314
[01/Oct/2022:04:57:49 +0200] 192.241.213.5 TLSv1.2 AES256-SHA "GET /owa/auth/x.js HTTP/1.1" 310
[01/Oct/2022:04:58:17 +0200] 198.199.93.71 TLSv1.2 AES256-SHA "GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.exporttool.application HTTP/1.1" 348
[01/Oct/2022:05:26:12 +0200] 193.118.53.194 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[01/Oct/2022:05:55:04 +0200] 192.241.218.138 TLSv1.2 AES256-SHA "GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.exporttool.application HTTP/1.1" 348
[01/Oct/2022:05:55:08 +0200] 192.241.218.37 TLSv1.2 AES256-SHA "GET /owa/auth/x.js HTTP/1.1" 310
[01/Oct/2022:05:55:22 +0200] 192.241.212.102 TLSv1.2 AES256-SHA "GET /owa/auth/logon.aspx HTTP/1.1" 314
[01/Oct/2022:05:59:31 +0200] 192.241.205.12 TLSv1.2 AES256-SHA "GET /owa/auth/logon.aspx?url=https%3a%2f%2f1%2fecp%2f HTTP/1.1" 335
[01/Oct/2022:06:01:46 +0200] 152.89.196.211 TLSv1.2 AES256-SHA "GET /actuator/gateway/routes HTTP/1.1" 315
[01/Oct/2022:06:02:10 +0200] 194.163.171.53 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[01/Oct/2022:06:06:43 +0200] 198.235.24.45 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 383
[01/Oct/2022:06:58:52 +0200] 193.235.141.169 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 307
[01/Oct/2022:07:13:48 +0200] 192.241.216.14 TLSv1.2 AES256-SHA "GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.exporttool.application HTTP/1.1" 348
[01/Oct/2022:07:14:17 +0200] 192.241.215.216 TLSv1.2 AES256-SHA "GET /owa/auth/logon.aspx HTTP/1.1" 314
[01/Oct/2022:07:14:32 +0200] 192.241.208.203 TLSv1.2 AES256-SHA "GET /owa/auth/x.js HTTP/1.1" 310
[01/Oct/2022:07:25:25 +0200] 194.110.203.38 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /db_backup.harm.at.sql HTTP/1.1" 398
[01/Oct/2022:08:22:46 +0200] 54.241.138.120 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /owa/auth/logon.aspx HTTP/1.1" 402
[01/Oct/2022:08:33:57 +0200] 192.241.213.183 TLSv1.2 AES256-SHA "GET /owa/auth/logon.aspx HTTP/1.1" 314
[01/Oct/2022:08:34:23 +0200] 192.241.213.13 TLSv1.2 AES256-SHA "GET /owa/auth/x.js HTTP/1.1" 310
[01/Oct/2022:08:34:33 +0200] 192.241.221.49 TLSv1.2 AES256-SHA "GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.exporttool.application HTTP/1.1" 348
[01/Oct/2022:09:50:42 +0200] 192.241.217.236 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[01/Oct/2022:12:21:20 +0200] 198.12.252.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /configuration.php~ HTTP/1.1" 404
[01/Oct/2022:12:56:57 +0200] 198.12.252.125 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /configuration.php~ HTTP/1.1" 395
[01/Oct/2022:13:18:30 +0200] 194.110.203.46 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /configuration.php~ HTTP/1.1" 412
[01/Oct/2022:13:47:16 +0200] 167.248.133.60 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 383
[01/Oct/2022:13:47:17 +0200] 167.248.133.60 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[01/Oct/2022:13:47:17 +0200] 167.248.133.60 TLSv1.2 AES256-SHA "PRI * HTTP/2.0" 379
[01/Oct/2022:13:50:30 +0200] 194.110.203.38 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /wp-config.php.bak HTTP/1.1" 411
[01/Oct/2022:13:53:12 +0200] 94.102.61.8 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[01/Oct/2022:13:55:50 +0200] 194.110.203.38 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /wp-config.php.bak HTTP/1.1" 403
[01/Oct/2022:14:23:36 +0200] 51.159.99.253 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /favicon.ico HTTP/1.1" 394
[01/Oct/2022:14:23:36 +0200] 51.159.99.253 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 383
[01/Oct/2022:14:28:04 +0200] 194.110.203.42 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /wp-config.php.bak HTTP/1.1" 394
[01/Oct/2022:14:41:33 +0200] 194.110.203.39 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /configuration.php~ HTTP/1.1" 412
[01/Oct/2022:15:38:01 +0200] 194.110.203.46 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /wp-config.php.bak HTTP/1.1" 411
[01/Oct/2022:16:04:39 +0200] 64.62.197.17 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 383
[01/Oct/2022:16:11:52 +0200] 64.62.197.17 TLSv1.2 AES256-SHA "GET /favicon.ico HTTP/1.1" 309
[01/Oct/2022:16:14:42 +0200] 64.62.197.20 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[01/Oct/2022:16:22:13 +0200] 194.110.203.41 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /wp-config.bak.php HTTP/1.1" 394
[01/Oct/2022:16:32:03 +0200] 151.106.32.179 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 301
[01/Oct/2022:16:32:03 +0200] 151.106.32.179 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 754
[01/Oct/2022:16:32:05 +0200] 151.106.32.179 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /en_US/config.html HTTP/1.1" 714
[01/Oct/2022:16:32:05 +0200] 151.106.32.179 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /HNAP1/ HTTP/1.1" 754
[01/Oct/2022:17:32:37 +0200] 209.141.35.128 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 307
[01/Oct/2022:17:41:01 +0200] 35.87.170.131 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "HEAD /epa/scripts/win/nsepa_setup.exe HTTP/1.1" -
[01/Oct/2022:17:52:54 +0200] 176.58.97.17 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 301
[01/Oct/2022:18:26:52 +0200] 192.241.213.251 TLSv1.2 AES256-SHA "GET /owa/auth/logon.aspx?url=https%3a%2f%2f1%2fecp%2f HTTP/1.1" 335
[01/Oct/2022:18:40:12 +0200] 198.235.24.52 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 394
[01/Oct/2022:18:42:51 +0200] 194.110.203.42 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /configuration.php.bak HTTP/1.1" 407
[01/Oct/2022:19:28:13 +0200] 192.241.220.24 TLSv1.2 AES256-SHA "GET /owa/auth/logon.aspx?url=https%3a%2f%2f1%2fecp%2f HTTP/1.1" 335
[01/Oct/2022:19:39:30 +0200] 152.89.196.23 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /remote/fgt_lang?lang=/../../../..//////////dev/cmdb/sslvpn_websession HTTP/1.1" 452
[01/Oct/2022:19:40:18 +0200] 159.203.80.33 TLSv1.2 AES256-SHA "GET /ab2g HTTP/1.1" 304
[01/Oct/2022:19:40:20 +0200] 159.203.80.33 TLSv1.2 AES256-SHA "GET /ab2h HTTP/1.1" 304
[01/Oct/2022:20:33:24 +0200] 192.241.216.62 TLSv1.2 AES256-SHA "GET /owa/auth/logon.aspx?url=https%3a%2f%2f1%2fecp%2f HTTP/1.1" 335
[01/Oct/2022:20:54:28 +0200] 159.203.80.33 TLSv1.2 AES256-SHA "GET /ab2g HTTP/1.1" 304
[01/Oct/2022:20:54:30 +0200] 159.203.80.33 TLSv1.2 AES256-SHA "GET /ab2h HTTP/1.1" 304
[01/Oct/2022:21:10:13 +0200] 194.110.203.38 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /configuration.php.bck HTTP/1.1" 398
[01/Oct/2022:21:35:56 +0200] 192.241.220.69 TLSv1.2 AES256-SHA "GET /owa/auth/logon.aspx?url=https%3a%2f%2f1%2fecp%2f HTTP/1.1" 335
[01/Oct/2022:21:55:55 +0200] 89.23.100.172 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /configuration.php.bck HTTP/1.1" 407
[01/Oct/2022:22:22:50 +0200] 194.110.203.38 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /configuration.php.bck HTTP/1.1" 415
[01/Oct/2022:23:18:13 +0200] 192.241.214.64 TLSv1.2 AES256-SHA "GET /actuator/health HTTP/1.1" 310
[01/Oct/2022:23:36:53 +0200] 185.244.212.24 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 377
[01/Oct/2022:23:36:53 +0200] 92.17.142.251 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 377
[01/Oct/2022:23:36:54 +0200] 216.131.116.88 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 377
[01/Oct/2022:23:36:54 +0200] 68.183.245.101 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 377
[01/Oct/2022:23:36:55 +0200] 173.245.202.200 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 377
[01/Oct/2022:23:43:47 +0200] 60.217.75.70 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[01/Oct/2022:23:49:21 +0200] 162.142.125.121 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[01/Oct/2022:23:49:22 +0200] 162.142.125.121 TLSv1.2 AES256-SHA "PRI * HTTP/2.0" 379
[02/Oct/2022:00:29:39 +0200] 193.235.141.177 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 306
[02/Oct/2022:00:44:33 +0200] 20.12.11.47 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.env HTTP/1.1" 304
[02/Oct/2022:00:44:33 +0200] 20.12.11.47 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST / HTTP/1.1" 301
[02/Oct/2022:01:02:47 +0200] 34.78.6.216 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 301
[02/Oct/2022:01:18:27 +0200] 34.67.115.109 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 295
[02/Oct/2022:01:35:44 +0200] 192.241.202.43 TLSv1.2 AES256-SHA "GET /owa/auth/logon.aspx?url=https%3a%2f%2f1%2fecp%2f HTTP/1.1" 335
[02/Oct/2022:01:49:50 +0200] 35.92.225.5 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 306
[02/Oct/2022:01:50:04 +0200] 34.210.17.11 TLSv1.2 AES256-SHA "GET /favicon.ico HTTP/1.1" 313
[02/Oct/2022:01:50:07 +0200] 34.210.17.11 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 306