[13/Oct/2022:02:35:14 +0200] 154.89.5.71 TLSv1.2 AES256-SHA "GET / HTTP/1.0" 383
[13/Oct/2022:03:14:54 +0200] 194.110.203.40 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /site.tgz HTTP/1.1" 394
[13/Oct/2022:03:32:52 +0200] 194.110.203.45 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /site.tgz HTTP/1.1" 402
[13/Oct/2022:03:43:49 +0200] 87.236.176.171 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[13/Oct/2022:03:50:48 +0200] 152.89.196.211 TLSv1.2 AES256-SHA "GET /index.php?s=/Index/\\think\\app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1][]=HelloThinkPHP21 HTTP/1.1" 390
[13/Oct/2022:06:24:38 +0200] 193.235.141.178 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 295
[13/Oct/2022:06:36:34 +0200] 83.12.50.6 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /site.zip HTTP/1.1" 402
[13/Oct/2022:07:07:05 +0200] 208.100.26.237 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 298
[13/Oct/2022:07:08:56 +0200] 194.110.203.38 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /site.tar HTTP/1.1" 385
[13/Oct/2022:07:10:57 +0200] 43.129.219.189 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[13/Oct/2022:07:34:52 +0200] 152.89.196.211 TLSv1.2 AES256-SHA "GET /?XDEBUG_SESSION_START=phpstorm HTTP/1.1" 327
[13/Oct/2022:07:46:02 +0200] 157.245.248.114 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST / HTTP/1.1" 301
[13/Oct/2022:07:46:03 +0200] 157.245.248.114 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.env HTTP/1.1" 304
[13/Oct/2022:08:07:01 +0200] 41.79.235.92 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /Electron/download/windows/\\Program%20Files\\3CX%20Phone%20System\\Data\\DB\\base\\16384\\16393 HTTP/1.0" 479
[13/Oct/2022:09:09:27 +0200] 51.158.66.83 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 391
[13/Oct/2022:09:13:07 +0200] 194.110.203.41 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /site.tar.gz HTTP/1.1" 388
[13/Oct/2022:10:13:18 +0200] 83.136.32.58 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "HEAD / HTTP/1.0" -
[13/Oct/2022:10:15:34 +0200] 192.241.215.90 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[13/Oct/2022:11:50:45 +0200] 4.231.54.198 TLSv1.2 AES256-SHA "POST /wp-plain.php HTTP/1.1" 389
[13/Oct/2022:11:50:45 +0200] 4.231.54.198 TLSv1.2 AES256-SHA "GET /yaiawwnz.php?Fox=d3wL7 HTTP/1.1" 399
[13/Oct/2022:12:15:23 +0200] 128.14.133.58 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[13/Oct/2022:12:26:07 +0200] 162.142.125.121 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[13/Oct/2022:12:26:08 +0200] 162.142.125.121 TLSv1.2 AES256-SHA "PRI * HTTP/2.0" 379
[13/Oct/2022:13:10:44 +0200] 192.241.215.149 TLSv1.2 AES256-SHA "GET /actuator/health HTTP/1.1" 310
[13/Oct/2022:14:16:50 +0200] 194.110.203.42 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /site.tgz HTTP/1.1" 385
[13/Oct/2022:14:26:32 +0200] 64.62.197.106 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[13/Oct/2022:14:28:04 +0200] 152.89.196.23 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /remote/fgt_lang?lang=/../../../..//////////dev/cmdb/sslvpn_websession HTTP/1.1" 452
[13/Oct/2022:14:38:02 +0200] 64.62.197.101 TLSv1.2 AES256-SHA "GET /favicon.ico HTTP/1.1" 309
[13/Oct/2022:14:41:28 +0200] 64.62.197.92 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[13/Oct/2022:15:29:52 +0200] 143.110.248.205 TLSv1.2 AES256-SHA "GET /ab2g HTTP/1.1" 304
[13/Oct/2022:15:30:12 +0200] 143.110.248.205 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[13/Oct/2022:15:39:18 +0200] 207.46.13.234 TLSv1.2 AES256-SHA "GET /robots.txt HTTP/1.1" 302
[13/Oct/2022:15:39:19 +0200] 207.46.13.234 TLSv1.2 AES256-SHA "GET /robots.txt HTTP/1.1" 302
[13/Oct/2022:15:39:23 +0200] 207.46.13.60 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 295
[13/Oct/2022:15:48:57 +0200] 109.206.241.59 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.env HTTP/1.1" 304
[13/Oct/2022:15:48:57 +0200] 109.206.241.59 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST / HTTP/1.1" 301
[13/Oct/2022:16:16:13 +0200] 192.241.219.128 TLSv1.2 AES256-SHA "GET /owa/auth/logon.aspx HTTP/1.1" 314
[13/Oct/2022:16:18:54 +0200] 192.241.214.56 TLSv1.2 AES256-SHA "GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.exporttool.application HTTP/1.1" 348
[13/Oct/2022:16:19:59 +0200] 192.241.219.20 TLSv1.2 AES256-SHA "GET /owa/auth/x.js HTTP/1.1" 310
[13/Oct/2022:16:58:55 +0200] 194.110.203.39 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /site.bck HTTP/1.1" 385
[13/Oct/2022:17:30:18 +0200] 167.94.138.117 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 383
[13/Oct/2022:17:30:19 +0200] 167.94.138.117 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[13/Oct/2022:17:30:22 +0200] 167.94.138.117 TLSv1.2 AES256-SHA "PRI * HTTP/2.0" 379
[13/Oct/2022:17:52:40 +0200] 165.232.179.249 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[13/Oct/2022:18:29:44 +0200] 103.133.109.141 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.env HTTP/1.1" 304
[13/Oct/2022:18:29:45 +0200] 103.133.109.141 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST / HTTP/1.1" 301
[13/Oct/2022:18:53:59 +0200] 141.105.66.148 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.0" 388
[13/Oct/2022:18:54:00 +0200] 141.105.66.148 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.git/HEAD HTTP/1.1" 392
[13/Oct/2022:18:54:00 +0200] 141.105.66.148 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 383
[13/Oct/2022:18:54:00 +0200] 141.105.66.148 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /nmaplowercheck1665680039 HTTP/1.1" 407
[13/Oct/2022:18:54:00 +0200] 141.105.66.148 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /Portal/Portal.mwsl HTTP/1.1" 401
[13/Oct/2022:18:54:00 +0200] 141.105.66.148 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /Portal0000.htm HTTP/1.1" 397
[13/Oct/2022:18:54:00 +0200] 141.105.66.148 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 383
[13/Oct/2022:18:54:00 +0200] 141.105.66.148 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /scripts/WPnBr.dll HTTP/1.1" 400
[13/Oct/2022:18:54:00 +0200] 141.105.66.148 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /CSS/Miniweb.css HTTP/1.1" 398
[13/Oct/2022:18:54:00 +0200] 141.105.66.148 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /3gVl HTTP/1.1" 387
[13/Oct/2022:18:54:00 +0200] 141.105.66.148 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /sdk HTTP/1.1" 386
[13/Oct/2022:18:54:00 +0200] 141.105.66.148 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "SSTP_DUPLEX_POST /sra_{BA195980-CD49-458b-9E23-C84EE0ADCD75}/ HTTP/1.1" 925
[13/Oct/2022:18:54:01 +0200] 141.105.66.148 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /pools/default/buckets HTTP/1.1" 404
[13/Oct/2022:18:54:01 +0200] 141.105.66.148 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /HNAP1 HTTP/1.1" 388
[13/Oct/2022:18:54:01 +0200] 141.105.66.148 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /docs/cplugError.html/ HTTP/1.1" 404
[13/Oct/2022:18:54:01 +0200] 141.105.66.148 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /__Additional HTTP/1.1" 395
[13/Oct/2022:18:54:01 +0200] 141.105.66.148 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 383
[13/Oct/2022:18:54:01 +0200] 141.105.66.148 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /?=PHPE9568F36-D428-11d2-A769-00AA001ACF42 HTTP/1.1" 424
[13/Oct/2022:18:54:01 +0200] 141.105.66.148 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.0" 388
[13/Oct/2022:18:54:01 +0200] 141.105.66.148 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /pools HTTP/1.1" 388
[13/Oct/2022:18:54:01 +0200] 141.105.66.148 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /server-status HTTP/1.1" 396
[13/Oct/2022:18:54:01 +0200] 141.105.66.148 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "HEAD / HTTP/1.1" -
[13/Oct/2022:18:54:02 +0200] 141.105.66.148 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /?=PHPB8B5F2A0-3C92-11d3-A3A9-4C7B08C10000 HTTP/1.1" 424
[13/Oct/2022:18:54:02 +0200] 141.105.66.148 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /localstart.jsp HTTP/1.1" 397
[13/Oct/2022:18:54:02 +0200] 141.105.66.148 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 383
[13/Oct/2022:18:54:02 +0200] 141.105.66.148 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /default.pl HTTP/1.1" 393
[13/Oct/2022:18:54:03 +0200] 141.105.66.148 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /favicon.ico HTTP/1.1" 394
[13/Oct/2022:18:54:03 +0200] 141.105.66.148 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /default.asp HTTP/1.1" 394
[13/Oct/2022:18:54:04 +0200] 141.105.66.148 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /home.aspx HTTP/1.1" 392
[13/Oct/2022:18:54:04 +0200] 141.105.66.148 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /main.jhtml HTTP/1.1" 393
[13/Oct/2022:18:54:05 +0200] 141.105.66.148 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /start.cgi HTTP/1.1" 392
[13/Oct/2022:18:54:06 +0200] 141.105.66.148 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /home.pl HTTP/1.1" 390
[13/Oct/2022:18:54:06 +0200] 141.105.66.148 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /inicio.cfm HTTP/1.1" 393
[13/Oct/2022:18:54:07 +0200] 141.105.66.148 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /base.inc HTTP/1.1" 391
[13/Oct/2022:18:54:08 +0200] 141.105.66.148 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /indice.cfm HTTP/1.1" 393
[13/Oct/2022:18:54:08 +0200] 141.105.66.148 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /menu.jhtml HTTP/1.1" 393
[13/Oct/2022:18:54:09 +0200] 141.105.66.148 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /readme.txt HTTP/1.1" 393
[13/Oct/2022:18:54:10 +0200] 141.105.66.148 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /index.html HTTP/1.1" 393
[13/Oct/2022:18:54:10 +0200] 141.105.66.148 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.0" 388
[13/Oct/2022:18:54:11 +0200] 141.105.66.148 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 383
[13/Oct/2022:18:55:14 +0200] 123.160.221.21 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 500
[13/Oct/2022:19:23:44 +0200] 109.206.241.59 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.env HTTP/1.1" 304
[13/Oct/2022:19:23:44 +0200] 109.206.241.59 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST / HTTP/1.1" 301
[13/Oct/2022:20:10:28 +0200] 51.15.251.143 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 385
[13/Oct/2022:20:11:59 +0200] 194.110.203.45 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /upload.rar HTTP/1.1" 396
[13/Oct/2022:20:40:34 +0200] 194.110.203.41 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /upload.rar HTTP/1.1" 387
[13/Oct/2022:20:44:40 +0200] 23.90.160.122 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[13/Oct/2022:22:04:59 +0200] 134.209.198.15 TLSv1.2 AES256-SHA "GET /panel/login.php HTTP/1.1" 312
[13/Oct/2022:22:09:29 +0200] 63.251.232.75 TLSv1.2 AES256-SHA "GET /Electron/download/windows/%5CProgram%20Files%5C3CX%20Phone%20System%5CData%5CDB%5Cbase%5C16384%5C16393 HTTP/1.1" 369
[13/Oct/2022:22:25:46 +0200] 185.180.143.7 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[13/Oct/2022:22:49:02 +0200] 51.158.127.119 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 377
[13/Oct/2022:23:28:52 +0200] 83.12.50.6 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /upload.zip HTTP/1.1" 387
[13/Oct/2022:23:56:22 +0200] 192.241.209.140 TLSv1.2 AES256-SHA "GET /owa/auth/logon.aspx?url=https%3a%2f%2f1%2fecp%2f HTTP/1.1" 335
[13/Oct/2022:23:57:38 +0200] 101.68.211.2 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 381
[13/Oct/2022:23:58:31 +0200] 101.68.211.2 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 297
[13/Oct/2022:23:58:52 +0200] 101.68.211.2 TLSv1.2 AES256-SHA "GET /favicon.ico HTTP/1.1" 305
[13/Oct/2022:23:59:14 +0200] 101.68.211.2 TLSv1.2 AES256-SHA "GET /robots.txt HTTP/1.1" 304
[14/Oct/2022:00:04:46 +0200] 209.141.36.231 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[14/Oct/2022:00:04:50 +0200] 209.141.33.65 TLSv1.2 AES256-SHA "GET /favicon.ico HTTP/1.1" 309
[14/Oct/2022:00:05:42 +0200] 209.141.49.169 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 307
[14/Oct/2022:00:05:45 +0200] 205.185.116.25 TLSv1.2 AES256-SHA "GET /favicon.ico HTTP/1.1" 314
[14/Oct/2022:00:09:13 +0200] 113.141.167.194 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 297
[14/Oct/2022:00:09:47 +0200] 175.6.137.62 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[14/Oct/2022:00:09:51 +0200] 175.6.137.62 TLSv1.2 AES256-SHA "GET /favicon.ico HTTP/1.1" 308
[14/Oct/2022:00:11:04 +0200] 125.124.125.13 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 295
[14/Oct/2022:00:11:08 +0200] 125.124.125.13 TLSv1.2 AES256-SHA "GET /favicon.ico HTTP/1.1" 302
[14/Oct/2022:00:55:42 +0200] 213.226.123.241 TLSv1.2 AES256-SHA "GET /.git/config HTTP/1.1" 310
[14/Oct/2022:00:59:47 +0200] 34.76.158.233 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 301
[14/Oct/2022:01:17:14 +0200] 18.237.155.216 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 306
[14/Oct/2022:01:17:28 +0200] 54.185.226.117 TLSv1.2 AES256-SHA "GET /favicon.ico HTTP/1.1" 313
[14/Oct/2022:01:17:33 +0200] 54.185.226.117 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 306
[14/Oct/2022:01:25:32 +0200] 208.100.26.236 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 297
[14/Oct/2022:01:27:16 +0200] 192.241.217.127 TLSv1.2 AES256-SHA "GET /autodiscover/autodiscover.json?@zdi/Powershell HTTP/1.1" 328
[14/Oct/2022:01:27:37 +0200] 164.92.221.102 TLSv1.2 AES256-SHA "GET /ab2g HTTP/1.1" 304
[14/Oct/2022:01:27:37 +0200] 164.92.221.102 TLSv1.2 AES256-SHA "GET /ab2h HTTP/1.1" 304
[14/Oct/2022:01:27:38 +0200] 164.92.221.102 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[14/Oct/2022:01:30:06 +0200] 51.158.109.3 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 397
[14/Oct/2022:01:52:53 +0200] 194.110.203.46 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /web.rar HTTP/1.1" 401