[16/Oct/2022:02:07:53 +0200] 185.107.56.26 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 383
[16/Oct/2022:02:07:53 +0200] 185.107.56.26 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 2946
[16/Oct/2022:02:39:44 +0200] 164.92.164.249 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[16/Oct/2022:02:56:52 +0200] 93.159.230.88 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[16/Oct/2022:03:03:25 +0200] 194.110.203.39 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /www.harm.rar HTTP/1.1" 389
[16/Oct/2022:03:36:31 +0200] 162.142.125.220 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 383
[16/Oct/2022:03:36:31 +0200] 162.142.125.220 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[16/Oct/2022:03:36:32 +0200] 162.142.125.220 TLSv1.2 AES256-SHA "PRI * HTTP/2.0" 379
[16/Oct/2022:03:49:59 +0200] 167.94.138.117 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[16/Oct/2022:03:50:00 +0200] 167.94.138.117 TLSv1.2 AES256-SHA "PRI * HTTP/2.0" 379
[16/Oct/2022:03:53:49 +0200] 194.110.203.45 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /www.easyzumfuehrerschein.rar HTTP/1.1" 422
[16/Oct/2022:03:56:46 +0200] 93.159.230.83 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[16/Oct/2022:03:59:26 +0200] 74.82.47.39 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[16/Oct/2022:04:14:40 +0200] 74.82.47.3 TLSv1.2 AES256-SHA "GET /favicon.ico HTTP/1.1" 309
[16/Oct/2022:04:19:23 +0200] 74.82.47.39 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[16/Oct/2022:04:57:26 +0200] 93.159.230.87 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[16/Oct/2022:05:25:19 +0200] 194.110.203.39 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /www.easyzumfuehrerschein.sql HTTP/1.1" 422
[16/Oct/2022:05:27:30 +0200] 194.110.203.39 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /www.harm.sql HTTP/1.1" 389
[16/Oct/2022:05:31:01 +0200] 138.246.253.24 TLSv1.2 AES256-SHA "GET /robots.txt HTTP/1.1" 403
[16/Oct/2022:05:52:57 +0200] 185.142.236.41 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 383
[16/Oct/2022:05:53:04 +0200] 185.142.236.41 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "" 379
[16/Oct/2022:05:53:06 +0200] 185.142.236.41 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "" 379
[16/Oct/2022:05:53:07 +0200] 185.142.236.41 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "" 379
[16/Oct/2022:05:53:10 +0200] 185.142.236.41 TLSv1.2 AES256-SHA "quit" 379
[16/Oct/2022:05:53:12 +0200] 185.142.236.41 TLSv1.2 AES256-SHA "GET /robots.txt HTTP/1.1" 393
[16/Oct/2022:05:53:13 +0200] 185.142.236.41 TLSv1.2 AES256-SHA "GET /sitemap.xml HTTP/1.1" 394
[16/Oct/2022:05:53:14 +0200] 185.142.236.41 TLSv1.2 AES256-SHA "GET /.well-known/security.txt HTTP/1.1" 407
[16/Oct/2022:05:53:18 +0200] 185.142.236.41 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /favicon.ico HTTP/1.1" 309
[16/Oct/2022:05:53:19 +0200] 185.142.236.41 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "" 379
[16/Oct/2022:05:56:59 +0200] 77.74.177.119 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[16/Oct/2022:06:04:55 +0200] 138.246.253.24 TLSv1.2 AES256-SHA "GET /robots.txt HTTP/1.1" 404
[16/Oct/2022:06:13:49 +0200] 167.94.138.118 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 383
[16/Oct/2022:06:13:49 +0200] 167.94.138.118 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[16/Oct/2022:06:13:50 +0200] 167.94.138.118 TLSv1.2 AES256-SHA "PRI * HTTP/2.0" 379
[16/Oct/2022:06:19:10 +0200] 198.244.212.132 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[16/Oct/2022:06:27:30 +0200] 134.122.184.11 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /81160/ HTTP/1.1" 308
[16/Oct/2022:06:43:51 +0200] 192.241.221.77 TLSv1.2 AES256-SHA "GET /owa/auth/logon.aspx?url=https%3a%2f%2f1%2fecp%2f HTTP/1.1" 335
[16/Oct/2022:06:57:46 +0200] 93.159.230.88 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[16/Oct/2022:07:35:22 +0200] 194.110.203.39 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /www.klub.sql.gz HTTP/1.1" 401
[16/Oct/2022:07:41:36 +0200] 81.209.177.16 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /robots.txt HTTP/1.1" 396
[16/Oct/2022:07:41:36 +0200] 81.209.177.16 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 386
[16/Oct/2022:08:01:11 +0200] 93.159.230.89 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[16/Oct/2022:08:02:03 +0200] 194.110.203.46 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /www.easyzumfuehrerschein.sql.gz HTTP/1.1" 425
[16/Oct/2022:08:33:55 +0200] 183.136.225.35 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 383
[16/Oct/2022:08:34:27 +0200] 183.136.225.35 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[16/Oct/2022:08:34:49 +0200] 183.136.225.35 TLSv1.2 AES256-SHA "GET /favicon.ico HTTP/1.1" 309
[16/Oct/2022:08:35:30 +0200] 183.136.225.35 TLSv1.2 AES256-SHA "GET /robots.txt HTTP/1.1" 308
[16/Oct/2022:09:21:50 +0200] 194.110.203.41 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /www.klub.tar HTTP/1.1" 398
[16/Oct/2022:09:34:47 +0200] 87.236.176.97 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[16/Oct/2022:09:38:51 +0200] 137.184.68.107 TLSv1.2 AES256-SHA "GET /ab2g HTTP/1.1" 304
[16/Oct/2022:09:38:52 +0200] 137.184.68.107 TLSv1.2 AES256-SHA "GET /ab2h HTTP/1.1" 304
[16/Oct/2022:09:38:57 +0200] 137.184.68.107 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[16/Oct/2022:09:43:19 +0200] 83.12.50.6 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /www.easyzumfuehrerschein.tar HTTP/1.1" 422
[16/Oct/2022:10:18:03 +0200] 192.241.209.4 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[16/Oct/2022:11:07:20 +0200] 192.241.218.97 TLSv1.2 AES256-SHA "GET /autodiscover/autodiscover.json?@zdi/Powershell HTTP/1.1" 328
[16/Oct/2022:11:52:07 +0200] 198.12.252.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /www.klub.tar.gz HTTP/1.1" 401
[16/Oct/2022:11:52:57 +0200] 152.89.196.211 TLSv1.2 AES256-SHA "POST /cgi-bin/.%2e/.%2e/.%2e/.%2e/bin/sh HTTP/1.1" 293
[16/Oct/2022:12:46:41 +0200] 104.197.27.160 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 307
[16/Oct/2022:12:48:29 +0200] 35.192.164.215 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 306
[16/Oct/2022:13:47:10 +0200] 152.89.196.211 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[16/Oct/2022:13:51:27 +0200] 152.89.196.23 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /remote/fgt_lang?lang=/../../../..//////////dev/cmdb/sslvpn_websession HTTP/1.1" 452
[16/Oct/2022:13:51:51 +0200] 194.110.203.40 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /www.harm.tgz HTTP/1.1" 389
[16/Oct/2022:14:09:46 +0200] 83.12.50.6 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /www.easyzumfuehrerschein.tgz HTTP/1.1" 422
[16/Oct/2022:14:50:59 +0200] 109.206.241.59 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.env HTTP/1.1" 304
[16/Oct/2022:14:51:00 +0200] 109.206.241.59 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST / HTTP/1.1" 301
[16/Oct/2022:16:48:07 +0200] 162.142.125.121 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[16/Oct/2022:16:48:08 +0200] 162.142.125.121 TLSv1.2 AES256-SHA "PRI * HTTP/2.0" 379
[16/Oct/2022:17:33:39 +0200] 222.181.11.224 TLSv1.2 AES256-SHA "GET / HTTP/1.0" 383
[16/Oct/2022:17:33:50 +0200] 222.94.163.222 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 383
[16/Oct/2022:17:38:07 +0200] 193.235.141.169 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 307
[16/Oct/2022:18:13:37 +0200] 192.241.217.241 TLSv1.2 AES256-SHA "GET /actuator/health HTTP/1.1" 310
[16/Oct/2022:18:29:09 +0200] 194.110.203.45 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /www.easyzumfuehrerschein.7z HTTP/1.1" 421
[16/Oct/2022:20:58:21 +0200] 183.136.225.9 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 383
[16/Oct/2022:20:58:38 +0200] 183.136.225.9 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[16/Oct/2022:20:59:06 +0200] 183.136.225.9 TLSv1.2 AES256-SHA "GET /favicon.ico HTTP/1.1" 309
[16/Oct/2022:20:59:26 +0200] 183.136.225.9 TLSv1.2 AES256-SHA "GET /robots.txt HTTP/1.1" 308
[16/Oct/2022:21:07:53 +0200] 34.71.45.209 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 295
[16/Oct/2022:21:49:49 +0200] 194.110.203.45 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /www.klub.bck HTTP/1.1" 398
[16/Oct/2022:23:05:47 +0200] 183.136.225.9 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 383
[16/Oct/2022:23:06:06 +0200] 183.136.225.9 TLSv1.2 AES256-SHA "GET /robots.txt HTTP/1.1" 308
[16/Oct/2022:23:21:49 +0200] 43.131.66.209 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 500
[16/Oct/2022:23:36:03 +0200] 194.110.203.38 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /easyzumfuehrerschein.com.gz HTTP/1.1" 421
[16/Oct/2022:23:57:25 +0200] 152.89.196.211 TLSv1.2 AES256-SHA "GET /?XDEBUG_SESSION_START=phpstorm HTTP/1.1" 327
[17/Oct/2022:01:00:35 +0200] 35.195.93.98 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 301
[17/Oct/2022:01:10:49 +0200] 192.241.216.180 TLSv1.2 AES256-SHA "GET /owa/auth/logon.aspx HTTP/1.1" 314
[17/Oct/2022:01:14:11 +0200] 192.241.205.22 TLSv1.2 AES256-SHA "GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.exporttool.application HTTP/1.1" 348
[17/Oct/2022:01:14:37 +0200] 192.241.219.20 TLSv1.2 AES256-SHA "GET /owa/auth/x.js HTTP/1.1" 310
[17/Oct/2022:01:15:02 +0200] 194.110.203.44 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /harm.at.sql HTTP/1.1" 388
[17/Oct/2022:01:33:53 +0200] 139.59.247.127 TLSv1.2 AES256-SHA "GET /ab2g HTTP/1.1" 304
[17/Oct/2022:01:33:55 +0200] 139.59.247.127 TLSv1.2 AES256-SHA "GET /ab2h HTTP/1.1" 304
[17/Oct/2022:01:34:03 +0200] 139.59.247.127 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[17/Oct/2022:01:38:09 +0200] 60.217.75.70 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[17/Oct/2022:01:44:48 +0200] 152.89.196.211 TLSv1.2 AES256-SHA "GET /actuator/gateway/routes HTTP/1.1" 315
[17/Oct/2022:01:53:40 +0200] 35.91.4.141 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 306
[17/Oct/2022:01:54:08 +0200] 54.212.186.235 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 306