[04/Oct/2022:02:21:20 +0200] 54.212.120.34 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 295
[04/Oct/2022:02:21:42 +0200] 54.184.35.112 TLSv1.2 AES256-SHA "GET /favicon.ico HTTP/1.1" 302
[04/Oct/2022:02:21:45 +0200] 54.184.35.112 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 295
[04/Oct/2022:04:40:40 +0200] 152.89.196.23 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /remote/fgt_lang?lang=/../../../..//////////dev/cmdb/sslvpn_websession HTTP/1.1" 452
[04/Oct/2022:05:14:01 +0200] 183.136.225.35 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 383
[04/Oct/2022:05:34:42 +0200] 183.136.225.35 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[04/Oct/2022:05:35:04 +0200] 183.136.225.35 TLSv1.2 AES256-SHA "GET /favicon.ico HTTP/1.1" 309
[04/Oct/2022:05:35:45 +0200] 183.136.225.35 TLSv1.2 AES256-SHA "GET /robots.txt HTTP/1.1" 308
[04/Oct/2022:05:46:59 +0200] 194.110.203.45 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /data.sql HTTP/1.1" 385
[04/Oct/2022:06:03:54 +0200] 194.110.203.41 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /data.sql HTTP/1.1" 394
[04/Oct/2022:06:52:16 +0200] 167.94.145.57 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 383
[04/Oct/2022:06:52:16 +0200] 167.94.145.57 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[04/Oct/2022:06:52:16 +0200] 167.94.145.57 TLSv1.2 AES256-SHA "PRI * HTTP/2.0" 379
[04/Oct/2022:06:55:33 +0200] 194.110.203.38 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /data.sql HTTP/1.1" 402
[04/Oct/2022:07:56:45 +0200] 138.246.253.24 TLSv1.2 AES256-SHA "GET /robots.txt HTTP/1.1" 393
[04/Oct/2022:08:06:42 +0200] 181.214.206.161 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "-" -
[04/Oct/2022:09:28:40 +0200] 66.240.236.109 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[04/Oct/2022:09:32:04 +0200] 198.235.24.43 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 383
[04/Oct/2022:09:52:58 +0200] 192.241.206.58 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[04/Oct/2022:11:24:34 +0200] 164.90.151.102 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[04/Oct/2022:12:46:47 +0200] 74.82.47.5 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 383
[04/Oct/2022:12:48:53 +0200] 194.110.203.38 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /1.sql HTTP/1.1" 391
[04/Oct/2022:12:49:46 +0200] 194.110.203.38 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /1.sql HTTP/1.1" 382
[04/Oct/2022:12:55:37 +0200] 74.82.47.5 TLSv1.2 AES256-SHA "GET /favicon.ico HTTP/1.1" 309
[04/Oct/2022:13:00:20 +0200] 74.82.47.49 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[04/Oct/2022:13:08:00 +0200] 152.89.196.211 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[04/Oct/2022:16:00:08 +0200] 194.110.203.44 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /1.sql HTTP/1.1" 399
[04/Oct/2022:16:23:19 +0200] 194.110.203.45 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /1.sql HTTP/1.1" 399
[04/Oct/2022:16:34:42 +0200] 192.241.213.175 TLSv1.2 AES256-SHA "GET /owa/auth/logon.aspx HTTP/1.1" 314
[04/Oct/2022:16:36:52 +0200] 192.241.219.120 TLSv1.2 AES256-SHA "GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.exporttool.application HTTP/1.1" 348
[04/Oct/2022:16:38:58 +0200] 192.241.213.175 TLSv1.2 AES256-SHA "GET /owa/auth/x.js HTTP/1.1" 310
[04/Oct/2022:16:42:03 +0200] 152.89.196.23 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /remote/fgt_lang?lang=/../../../..//////////dev/cmdb/sslvpn_websession HTTP/1.1" 452
[04/Oct/2022:17:27:14 +0200] 194.110.203.38 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /1.sql HTTP/1.1" 391
[04/Oct/2022:17:28:18 +0200] 20.12.11.47 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.env HTTP/1.1" 304
[04/Oct/2022:17:28:18 +0200] 20.12.11.47 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST / HTTP/1.1" 301
[04/Oct/2022:17:37:55 +0200] 178.32.197.80 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 383
[04/Oct/2022:17:50:08 +0200] 165.232.157.4 TLSv1.2 AES256-SHA "GET /ab2g HTTP/1.1" 304
[04/Oct/2022:17:50:09 +0200] 165.232.157.4 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[04/Oct/2022:18:28:14 +0200] 188.165.87.101 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /favicon.ico HTTP/1.1" 394
[04/Oct/2022:18:36:31 +0200] 188.165.87.102 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 2946
[04/Oct/2022:18:47:24 +0200] 20.12.11.47 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.env HTTP/1.1" 304
[04/Oct/2022:18:47:25 +0200] 20.12.11.47 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST / HTTP/1.1" 301
[04/Oct/2022:18:55:59 +0200] 194.110.203.46 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /1.rar HTTP/1.1" 399
[04/Oct/2022:19:15:18 +0200] 146.70.95.50 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /wp-admin/install.php?step=1 HTTP/1.1" 320
[04/Oct/2022:19:41:51 +0200] 51.254.49.96 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 383
[04/Oct/2022:20:08:42 +0200] 183.136.225.35 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 383
[04/Oct/2022:20:35:42 +0200] 183.136.225.35 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[04/Oct/2022:20:36:03 +0200] 183.136.225.35 TLSv1.2 AES256-SHA "GET /favicon.ico HTTP/1.1" 309
[04/Oct/2022:20:36:44 +0200] 183.136.225.35 TLSv1.2 AES256-SHA "GET /robots.txt HTTP/1.1" 308
[04/Oct/2022:20:58:21 +0200] 109.237.97.204 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.env HTTP/1.1" 304
[04/Oct/2022:20:58:22 +0200] 109.237.97.204 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /.env HTTP/1.1" 304
[04/Oct/2022:20:58:22 +0200] 109.237.97.204 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.aws/credentials HTTP/1.1" 311
[04/Oct/2022:20:58:23 +0200] 109.237.97.204 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /.aws/credentials HTTP/1.1" 311
[04/Oct/2022:20:58:23 +0200] 109.237.97.204 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /laravel/.env HTTP/1.1" 309
[04/Oct/2022:20:58:23 +0200] 109.237.97.204 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /laravel/.env HTTP/1.1" 309
[04/Oct/2022:20:58:24 +0200] 109.237.97.204 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /demo/.env HTTP/1.1" 307
[04/Oct/2022:20:58:24 +0200] 109.237.97.204 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /demo/.env HTTP/1.1" 307
[04/Oct/2022:20:58:25 +0200] 109.237.97.204 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /web/.env HTTP/1.1" 307
[04/Oct/2022:20:58:25 +0200] 109.237.97.204 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /web/.env HTTP/1.1" 307
[04/Oct/2022:20:58:25 +0200] 109.237.97.204 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /admin/.env HTTP/1.1" 308
[04/Oct/2022:20:58:26 +0200] 109.237.97.204 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /admin/.env HTTP/1.1" 308
[04/Oct/2022:20:58:26 +0200] 109.237.97.204 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /backend/.env HTTP/1.1" 310
[04/Oct/2022:20:58:27 +0200] 109.237.97.204 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /backend/.env HTTP/1.1" 310
[04/Oct/2022:20:58:27 +0200] 109.237.97.204 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /app/.env HTTP/1.1" 307
[04/Oct/2022:20:58:28 +0200] 109.237.97.204 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /app/.env HTTP/1.1" 307
[04/Oct/2022:20:58:28 +0200] 109.237.97.204 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /js/app.js HTTP/1.1" 308
[04/Oct/2022:20:58:29 +0200] 109.237.97.204 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /js/app.js HTTP/1.1" 308
[04/Oct/2022:22:18:14 +0200] 194.5.73.5 TLSv1.2 AES256-SHA "GET /rest/api/latest/projects/%7B%7Bkey%7D%7D/repos/%7B%7Bslug%7D%7D/archive?filename=08M2R&at=08M2R&path=08M2R&prefix=ax%00--exec=%60divd_fake_command%60%00--remote=origin HTTP/1.1" 416
[04/Oct/2022:22:47:04 +0200] 83.136.32.58 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "HEAD / HTTP/1.0" -
[04/Oct/2022:23:07:09 +0200] 172.104.145.148 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[04/Oct/2022:23:12:54 +0200] 172.104.145.148 TLSv1.2 AES256-SHA "GET /autodiscover/autodiscover.json?@cyberobservatorytest.com/owa/&Email=autodiscover/autodiscover.json%3f@cyberobservatorytest.com HTTP/1.1" 358
[04/Oct/2022:23:15:18 +0200] 192.241.213.27 TLSv1.2 AES256-SHA "GET /actuator/health HTTP/1.1" 310
[04/Oct/2022:23:19:31 +0200] 35.161.111.42 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 307
[04/Oct/2022:23:19:55 +0200] 52.32.221.163 TLSv1.2 AES256-SHA "GET /favicon.ico HTTP/1.1" 314
[04/Oct/2022:23:19:59 +0200] 52.32.221.163 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 307
[04/Oct/2022:23:24:31 +0200] 34.213.42.249 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 307
[04/Oct/2022:23:35:34 +0200] 194.110.203.41 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /1.tar HTTP/1.1" 399
[04/Oct/2022:23:35:40 +0200] 128.199.72.103 TLSv1.2 AES256-SHA "POST /_ignition/execute-solution HTTP/1.1" 319
[04/Oct/2022:23:35:43 +0200] 128.199.72.103 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[04/Oct/2022:23:35:45 +0200] 128.199.72.103 TLSv1.2 AES256-SHA "GET /script HTTP/1.1" 305
[04/Oct/2022:23:35:48 +0200] 128.199.72.103 TLSv1.2 AES256-SHA "GET /login HTTP/1.1" 305
[04/Oct/2022:23:35:51 +0200] 128.199.72.103 TLSv1.2 AES256-SHA "GET /jenkins/login HTTP/1.1" 312
[04/Oct/2022:23:35:54 +0200] 128.199.72.103 TLSv1.2 AES256-SHA "GET /manager/html HTTP/1.1" 308
[04/Oct/2022:23:35:58 +0200] 128.199.72.103 TLSv1.2 AES256-SHA "GET /?s=/Index/\\think\\app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1][]=c4vx72ya HTTP/1.1" 384
[04/Oct/2022:23:40:17 +0200] 20.106.179.144 - - "-" -
[04/Oct/2022:23:41:00 +0200] 20.106.179.144 - - "-" -
[04/Oct/2022:23:44:07 +0200] 194.110.203.39 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /1.tar HTTP/1.1" 382
[04/Oct/2022:23:44:38 +0200] 194.110.203.39 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /1.tar HTTP/1.1" 391
[04/Oct/2022:23:54:25 +0200] 185.83.144.103 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /sysinfo_phpinfo.php HTTP/1.1" 318
[04/Oct/2022:23:54:26 +0200] 185.83.144.103 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /sysinfo_phpinfo.php HTTP/1.1" 318
[05/Oct/2022:00:08:40 +0200] 179.61.219.71 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 295
[05/Oct/2022:00:57:06 +0200] 206.189.112.184 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[05/Oct/2022:01:02:20 +0200] 35.233.62.116 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 301
[05/Oct/2022:01:12:29 +0200] 52.187.185.143 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 383
[05/Oct/2022:01:19:03 +0200] 162.142.125.222 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 383
[05/Oct/2022:01:19:04 +0200] 162.142.125.222 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[05/Oct/2022:01:19:04 +0200] 162.142.125.222 TLSv1.2 AES256-SHA "PRI * HTTP/2.0" 379