[11/Oct/2022:02:19:00 +0200] 192.241.219.250 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[11/Oct/2022:02:37:38 +0200] 139.59.81.35 TLSv1.2 AES256-SHA "GET /ab2g HTTP/1.1" 304
[11/Oct/2022:03:41:02 +0200] 185.7.214.218 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /remote/fgt_lang?lang=/../../../..//////////dev/cmdb/sslvpn_websession HTTP/1.1" 452
[11/Oct/2022:04:48:29 +0200] 194.110.203.41 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /htodcs.bck HTTP/1.1" 387
[11/Oct/2022:04:51:03 +0200] 45.93.201.45 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /htodcs.bck HTTP/1.1" 404
[11/Oct/2022:04:58:47 +0200] 162.142.125.8 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 383
[11/Oct/2022:04:58:47 +0200] 162.142.125.8 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[11/Oct/2022:04:58:48 +0200] 162.142.125.8 TLSv1.2 AES256-SHA "PRI * HTTP/2.0" 379
[11/Oct/2022:05:09:06 +0200] 128.14.133.58 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[11/Oct/2022:05:31:26 +0200] 162.19.196.234 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.env HTTP/1.1" 304
[11/Oct/2022:05:31:26 +0200] 162.19.196.234 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST / HTTP/1.1" 301
[11/Oct/2022:05:41:08 +0200] 152.89.196.211 TLSv1.2 AES256-SHA "GET /?XDEBUG_SESSION_START=phpstorm HTTP/1.1" 327
[11/Oct/2022:06:30:26 +0200] 152.89.196.23 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /remote/fgt_lang?lang=/../../../..//////////dev/cmdb/sslvpn_websession HTTP/1.1" 452
[11/Oct/2022:07:17:33 +0200] 192.241.216.164 TLSv1.2 AES256-SHA "GET /owa/auth/logon.aspx?url=https%3a%2f%2f1%2fecp%2f HTTP/1.1" 335
[11/Oct/2022:07:42:54 +0200] 152.89.196.211 TLSv1.2 AES256-SHA "GET /actuator/gateway/routes HTTP/1.1" 315
[11/Oct/2022:09:06:38 +0200] 193.118.53.194 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[11/Oct/2022:09:55:39 +0200] 194.110.203.45 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /public_html.rar HTTP/1.1" 409
[11/Oct/2022:09:56:37 +0200] 194.110.203.42 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /public_html.rar HTTP/1.1" 401
[11/Oct/2022:10:11:33 +0200] 185.7.214.218 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /remote/fgt_lang?lang=/../../../..//////////dev/cmdb/sslvpn_websession HTTP/1.1" 452
[11/Oct/2022:10:14:22 +0200] 192.241.216.144 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[11/Oct/2022:10:18:38 +0200] 167.248.133.117 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 383
[11/Oct/2022:10:18:38 +0200] 167.248.133.117 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[11/Oct/2022:10:18:39 +0200] 167.248.133.117 TLSv1.2 AES256-SHA "PRI * HTTP/2.0" 379
[11/Oct/2022:10:44:18 +0200] 83.12.50.6 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /public_html.rar HTTP/1.1" 392
[11/Oct/2022:10:48:20 +0200] 162.221.192.26 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[11/Oct/2022:10:48:22 +0200] 162.221.192.26 TLSv1.2 AES256-SHA "GET /showLogin.cc HTTP/1.1" 311
[11/Oct/2022:11:30:44 +0200] 192.241.218.58 TLSv1.2 AES256-SHA "GET /owa/auth/logon.aspx HTTP/1.1" 314
[11/Oct/2022:11:32:43 +0200] 192.241.205.22 TLSv1.2 AES256-SHA "GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.exporttool.application HTTP/1.1" 348
[11/Oct/2022:11:34:54 +0200] 192.241.219.20 TLSv1.2 AES256-SHA "GET /owa/auth/x.js HTTP/1.1" 310
[11/Oct/2022:13:56:02 +0200] 162.221.192.90 TLSv1.2 AES256-SHA "GET /solr/ HTTP/1.1" 304
[11/Oct/2022:14:46:04 +0200] 216.218.206.98 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[11/Oct/2022:15:01:32 +0200] 216.218.206.66 TLSv1.2 AES256-SHA "GET /favicon.ico HTTP/1.1" 309
[11/Oct/2022:15:06:52 +0200] 216.218.206.98 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[11/Oct/2022:15:10:23 +0200] 185.83.144.103 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /phpinfo.php.bak HTTP/1.1" 318
[11/Oct/2022:15:10:25 +0200] 185.83.144.103 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /phpinfo.php.bak HTTP/1.1" 318
[11/Oct/2022:15:25:38 +0200] 194.110.203.41 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /public_html.tar HTTP/1.1" 409
[11/Oct/2022:15:33:58 +0200] 207.46.13.60 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 295
[11/Oct/2022:15:42:22 +0200] 118.193.72.169 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 383
[11/Oct/2022:15:42:26 +0200] 118.193.72.169 TLSv1.2 AES256-SHA "GET /favicon.ico HTTP/1.1" 309
[11/Oct/2022:15:42:43 +0200] 118.193.72.169 TLSv1.2 AES256-SHA "GET /robots.txt HTTP/1.1" 308
[11/Oct/2022:15:42:56 +0200] 118.193.72.169 TLSv1.2 AES256-SHA "GET /sitemap.xml HTTP/1.1" 309
[11/Oct/2022:16:14:29 +0200] 162.142.125.121 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[11/Oct/2022:16:14:30 +0200] 162.142.125.121 TLSv1.2 AES256-SHA "PRI * HTTP/2.0" 379
[11/Oct/2022:16:16:43 +0200] 147.182.237.203 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "HEAD / HTTP/1.1" -
[11/Oct/2022:16:20:54 +0200] 193.235.141.168 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 307
[11/Oct/2022:16:50:01 +0200] 109.206.241.59 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.env HTTP/1.1" 304
[11/Oct/2022:16:50:01 +0200] 109.206.241.59 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST / HTTP/1.1" 301
[11/Oct/2022:17:19:06 +0200] 51.159.99.253 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 383
[11/Oct/2022:17:19:07 +0200] 51.159.99.253 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /favicon.ico HTTP/1.1" 309
[11/Oct/2022:17:38:48 +0200] 157.245.155.166 TLSv1.2 AES256-SHA "GET /ab2g HTTP/1.1" 304
[11/Oct/2022:17:38:52 +0200] 157.245.155.166 TLSv1.2 AES256-SHA "GET /ab2h HTTP/1.1" 304
[11/Oct/2022:17:39:05 +0200] 157.245.155.166 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[11/Oct/2022:17:45:29 +0200] 192.241.214.81 TLSv1.2 AES256-SHA "GET /autodiscover/autodiscover.json?@zdi/Powershell HTTP/1.1" 328
[11/Oct/2022:18:36:00 +0200] 162.62.191.231 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 500
[11/Oct/2022:19:41:01 +0200] 47.243.233.244 TLSv1.2 AES256-SHA "GET /dns-query?dns=q80BAAABAAAAAAAAA3d3dwdleGFtcGxlA2NvbQAAAQAB HTTP/1.1" 343
[11/Oct/2022:19:41:05 +0200] 47.243.233.244 TLSv1.2 AES256-SHA "GET /dns-query?dns=q80BAAABAAAAAAAAA3d3dwdleGFtcGxlA2NvbQAAAQAB HTTP/1.1" 343
[11/Oct/2022:19:41:07 +0200] 47.243.233.244 TLSv1.2 AES256-SHA "POST /dns-query HTTP/1.1" 308
[11/Oct/2022:19:41:10 +0200] 47.243.233.244 TLSv1.2 AES256-SHA "POST /dns-query HTTP/1.1" 308
[11/Oct/2022:19:41:13 +0200] 47.243.233.244 TLSv1.2 AES256-SHA "GET /query?dns=q80BAAABAAAAAAAAA3d3dwdleGFtcGxlA2NvbQAAAQAB HTTP/1.1" 340
[11/Oct/2022:19:41:15 +0200] 47.243.233.244 TLSv1.2 AES256-SHA "GET /query?dns=q80BAAABAAAAAAAAA3d3dwdleGFtcGxlA2NvbQAAAQAB HTTP/1.1" 340
[11/Oct/2022:19:41:19 +0200] 47.243.233.244 TLSv1.2 AES256-SHA "POST /query HTTP/1.1" 305
[11/Oct/2022:19:41:21 +0200] 47.243.233.244 TLSv1.2 AES256-SHA "POST /query HTTP/1.1" 305
[11/Oct/2022:19:41:25 +0200] 47.243.233.244 TLSv1.2 AES256-SHA "GET /resolve?dns=q80BAAABAAAAAAAAA3d3dwdleGFtcGxlA2NvbQAAAQAB HTTP/1.1" 342
[11/Oct/2022:19:41:27 +0200] 47.243.233.244 TLSv1.2 AES256-SHA "GET /resolve?dns=q80BAAABAAAAAAAAA3d3dwdleGFtcGxlA2NvbQAAAQAB HTTP/1.1" 342
[11/Oct/2022:19:41:31 +0200] 47.243.233.244 TLSv1.2 AES256-SHA "POST /resolve HTTP/1.1" 305
[11/Oct/2022:19:41:33 +0200] 47.243.233.244 TLSv1.2 AES256-SHA "POST /resolve HTTP/1.1" 305
[11/Oct/2022:19:41:35 +0200] 47.243.233.244 TLSv1.2 AES256-SHA "GET /?dns=q80BAAABAAAAAAAAA3d3dwdleGFtcGxlA2NvbQAAAQAB HTTP/1.1" 337
[11/Oct/2022:19:41:38 +0200] 47.243.233.244 TLSv1.2 AES256-SHA "GET /?dns=q80BAAABAAAAAAAAA3d3dwdleGFtcGxlA2NvbQAAAQAB HTTP/1.1" 337
[11/Oct/2022:19:41:41 +0200] 47.243.233.244 TLSv1.2 AES256-SHA "POST / HTTP/1.1" 301
[11/Oct/2022:19:41:43 +0200] 47.243.233.244 TLSv1.2 AES256-SHA "POST / HTTP/1.1" 301
[11/Oct/2022:20:40:22 +0200] 128.14.133.58 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[11/Oct/2022:20:44:13 +0200] 152.89.196.23 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /remote/fgt_lang?lang=/../../../..//////////dev/cmdb/sslvpn_websession HTTP/1.1" 452
[11/Oct/2022:22:36:34 +0200] 63.251.232.75 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /Electron/download/windows/\\Program%20Files\\3CX%20Phone%20System\\Data\\DB\\base\\16384\\16393 HTTP/1.0" 479
[11/Oct/2022:23:00:08 +0200] 205.210.31.15 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 377
[11/Oct/2022:23:24:16 +0200] 83.136.32.58 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "HEAD / HTTP/1.0" -
[11/Oct/2022:23:46:06 +0200] 60.217.75.70 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[11/Oct/2022:23:53:41 +0200] 192.241.201.234 TLSv1.2 AES256-SHA "GET /owa/auth/logon.aspx?url=https%3a%2f%2f1%2fecp%2f HTTP/1.1" 335
[12/Oct/2022:00:06:41 +0200] 51.158.98.24 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 385
[12/Oct/2022:00:25:40 +0200] 198.235.24.174 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 383
[12/Oct/2022:00:35:01 +0200] 20.203.44.229 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 383
[12/Oct/2022:00:56:52 +0200] 34.78.6.216 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 301
[12/Oct/2022:01:00:36 +0200] 172.104.230.225 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[12/Oct/2022:01:11:59 +0200] 69.167.169.55 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[12/Oct/2022:01:12:00 +0200] 69.167.169.55 TLSv1.2 AES256-SHA "GET /favicon.ico HTTP/1.1" 309
[12/Oct/2022:01:30:33 +0200] 194.110.203.45 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /public_html.tgz HTTP/1.1" 392