[20/Oct/2022:02:10:36 +0200] 192.241.207.221 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[20/Oct/2022:02:23:32 +0200] 194.110.203.44 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /connect.php.bak HTTP/1.1" 401
[20/Oct/2022:02:27:10 +0200] 194.110.203.42 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /config.php.bck HTTP/1.1" 391
[20/Oct/2022:03:09:14 +0200] 185.7.214.218 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /remote/fgt_lang?lang=/../../../..//////////dev/cmdb/sslvpn_websession HTTP/1.1" 452
[20/Oct/2022:03:27:59 +0200] 194.110.203.40 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /connect.php.bak HTTP/1.1" 392
[20/Oct/2022:04:02:21 +0200] 64.62.197.100 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[20/Oct/2022:04:03:33 +0200] 52.48.204.251 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /robots.txt HTTP/1.1" 101
[20/Oct/2022:04:05:10 +0200] 57.128.19.226 TLSv1.2 AES256-SHA "GET beacon.http-get HTTP/1.1" 293
[20/Oct/2022:04:10:47 +0200] 64.62.197.98 TLSv1.2 AES256-SHA "GET /favicon.ico HTTP/1.1" 309
[20/Oct/2022:04:14:30 +0200] 64.62.197.93 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[20/Oct/2022:04:28:40 +0200] 72.251.235.152 - - "-" -
[20/Oct/2022:05:05:36 +0200] 57.128.19.226 TLSv1.2 AES256-SHA "GET /beacon.http-get HTTP/1.1" 311
[20/Oct/2022:05:05:55 +0200] 35.93.123.4 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 306
[20/Oct/2022:05:14:44 +0200] 152.89.196.23 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /remote/fgt_lang?lang=/../../../..//////////dev/cmdb/sslvpn_websession HTTP/1.1" 452
[20/Oct/2022:05:33:49 +0200] 159.65.219.163 TLSv1.2 AES256-SHA "GET /ab2g HTTP/1.1" 304
[20/Oct/2022:05:33:50 +0200] 159.65.219.163 TLSv1.2 AES256-SHA "GET /ab2h HTTP/1.1" 304
[20/Oct/2022:05:33:54 +0200] 159.65.219.163 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[20/Oct/2022:06:19:40 +0200] 78.129.132.73 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 383
[20/Oct/2022:06:54:23 +0200] 194.110.203.40 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /connect.bak HTTP/1.1" 388
[20/Oct/2022:08:02:59 +0200] 128.14.134.170 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[20/Oct/2022:08:08:55 +0200] 77.111.247.41 TLSv1.2 AES256-SHA "HEAD / HTTP/1.1" -
[20/Oct/2022:08:30:03 +0200] 139.162.207.84 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[20/Oct/2022:08:49:48 +0200] 188.166.3.107 TLSv1.2 AES256-SHA "GET /ab2g HTTP/1.1" 304
[20/Oct/2022:08:49:48 +0200] 188.166.3.107 TLSv1.2 AES256-SHA "GET /ab2h HTTP/1.1" 304
[20/Oct/2022:08:49:49 +0200] 188.166.3.107 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[20/Oct/2022:09:03:27 +0200] 194.110.203.42 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /connect.php~ HTTP/1.1" 389
[20/Oct/2022:09:05:20 +0200] 194.110.203.39 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /connect.php~ HTTP/1.1" 398
[20/Oct/2022:09:05:45 +0200] 183.136.225.35 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 383
[20/Oct/2022:09:06:16 +0200] 183.136.225.35 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[20/Oct/2022:09:06:37 +0200] 183.136.225.35 TLSv1.2 AES256-SHA "GET /favicon.ico HTTP/1.1" 309
[20/Oct/2022:10:33:50 +0200] 162.19.196.234 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.env HTTP/1.1" 304
[20/Oct/2022:10:33:51 +0200] 162.19.196.234 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST / HTTP/1.1" 301
[20/Oct/2022:10:44:40 +0200] 20.218.104.254 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.env HTTP/1.1" 304
[20/Oct/2022:10:44:40 +0200] 20.218.104.254 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST / HTTP/1.1" 301
[20/Oct/2022:11:44:22 +0200] 194.110.203.38 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /db.php~ HTTP/1.1" 384
[20/Oct/2022:12:03:19 +0200] 185.7.214.218 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /remote/fgt_lang?lang=/../../../..//////////dev/cmdb/sslvpn_websession HTTP/1.1" 452
[20/Oct/2022:12:20:59 +0200] 194.110.203.46 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /db.php~ HTTP/1.1" 393
[20/Oct/2022:13:13:06 +0200] 192.241.215.189 TLSv1.2 AES256-SHA "GET /autodiscover/autodiscover.json?@zdi/Powershell HTTP/1.1" 328
[20/Oct/2022:13:30:17 +0200] 162.142.125.7 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 383
[20/Oct/2022:13:30:17 +0200] 162.142.125.7 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[20/Oct/2022:13:30:18 +0200] 162.142.125.7 TLSv1.2 AES256-SHA "PRI * HTTP/2.0" 379
[20/Oct/2022:13:46:12 +0200] 194.110.203.45 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /db.bak HTTP/1.1" 383
[20/Oct/2022:14:43:39 +0200] 194.110.203.46 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /db.bak HTTP/1.1" 400
[20/Oct/2022:14:56:46 +0200] 143.244.129.146 TLSv1.2 AES256-SHA "GET /ab2g HTTP/1.1" 304
[20/Oct/2022:14:56:47 +0200] 143.244.129.146 TLSv1.2 AES256-SHA "GET /ab2h HTTP/1.1" 304
[20/Oct/2022:14:56:53 +0200] 143.244.129.146 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[20/Oct/2022:16:09:27 +0200] 194.110.203.42 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /db.php.bck HTTP/1.1" 396
[20/Oct/2022:16:25:06 +0200] 194.110.203.40 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /db.php.bck HTTP/1.1" 404
[20/Oct/2022:16:44:44 +0200] 192.241.212.246 TLSv1.2 AES256-SHA "GET /owa/auth/logon.aspx?url=https%3a%2f%2f1%2fecp%2f HTTP/1.1" 335
[20/Oct/2022:17:08:49 +0200] 207.46.13.234 TLSv1.2 AES256-SHA "GET /robots.txt HTTP/1.1" 302
[20/Oct/2022:17:08:50 +0200] 207.46.13.234 TLSv1.2 AES256-SHA "GET /robots.txt HTTP/1.1" 302
[20/Oct/2022:17:09:00 +0200] 207.46.13.60 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 295
[20/Oct/2022:17:10:53 +0200] 137.184.164.166 TLSv1.2 AES256-SHA "GET /ab2g HTTP/1.1" 304
[20/Oct/2022:17:10:59 +0200] 137.184.164.166 TLSv1.2 AES256-SHA "GET /ab2h HTTP/1.1" 304
[20/Oct/2022:19:33:07 +0200] 106.75.172.141 TLSv1.2 AES256-SHA "GET / HTTP/1.0" 383
[20/Oct/2022:19:33:41 +0200] 152.89.196.23 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /remote/fgt_lang?lang=/../../../..//////////dev/cmdb/sslvpn_websession HTTP/1.1" 452
[20/Oct/2022:19:51:08 +0200] 35.216.244.6 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 379
[20/Oct/2022:19:51:10 +0200] 35.216.244.6 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 383
[20/Oct/2022:19:51:14 +0200] 35.216.244.6 TLSv1.2 AES256-SHA "GET /.DS_Store HTTP/1.1" 307
[20/Oct/2022:19:51:15 +0200] 35.216.244.6 TLSv1.2 AES256-SHA "GET /server-status HTTP/1.1" 308
[20/Oct/2022:19:51:16 +0200] 35.216.244.6 TLSv1.2 AES256-SHA "GET /config.json HTTP/1.1" 311
[20/Oct/2022:19:51:17 +0200] 35.216.244.6 TLSv1.2 AES256-SHA "GET /.env HTTP/1.1" 304
[20/Oct/2022:19:51:18 +0200] 35.216.244.6 TLSv1.2 AES256-SHA "GET /idx_config/ HTTP/1.1" 310
[20/Oct/2022:19:51:19 +0200] 35.216.244.6 TLSv1.2 AES256-SHA "GET /telescope/requests HTTP/1.1" 311
[20/Oct/2022:19:51:20 +0200] 35.216.244.6 TLSv1.2 AES256-SHA "GET /info.php HTTP/1.1" 307
[20/Oct/2022:19:51:21 +0200] 35.216.244.6 TLSv1.2 AES256-SHA "GET /.git/config HTTP/1.1" 310
[20/Oct/2022:19:55:18 +0200] 192.241.212.70 TLSv1.2 AES256-SHA "GET /actuator/health HTTP/1.1" 310
[20/Oct/2022:20:00:37 +0200] 194.110.203.42 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /database.php~ HTTP/1.1" 407
[20/Oct/2022:20:43:38 +0200] 139.59.181.152 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[20/Oct/2022:20:43:41 +0200] 139.59.181.152 TLSv1.2 AES256-SHA "GET /favicon.ico HTTP/1.1" 309
[20/Oct/2022:20:48:00 +0200] 23.251.102.74 TLSv1.2 AES256-SHA "GET /Telerik.Web.UI.WebResource.axd?type=rau HTTP/1.1" 330
[20/Oct/2022:21:10:58 +0200] 192.241.214.70 TLSv1.2 AES256-SHA "GET /owa/auth/logon.aspx?url=https%3a%2f%2f1%2fecp%2f HTTP/1.1" 335
[20/Oct/2022:21:47:07 +0200] 104.248.33.236 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 383
[20/Oct/2022:21:47:08 +0200] 104.248.33.236 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 383
[20/Oct/2022:21:47:08 +0200] 104.248.33.236 TLSv1.2 AES256-SHA "GET /telescope/requests HTTP/1.1" 311
[20/Oct/2022:21:47:08 +0200] 104.248.33.236 TLSv1.2 AES256-SHA "GET /s/38362e35392e3131332e313032/_/;/META-INF/maven/com.atlassian.jira/jira-webapp-dist/pom.properties HTTP/1.1" 366
[20/Oct/2022:21:47:08 +0200] 104.248.33.236 TLSv1.2 AES256-SHA "GET /.DS_Store HTTP/1.1" 307
[20/Oct/2022:21:47:08 +0200] 104.248.33.236 TLSv1.2 AES256-SHA "GET /.env HTTP/1.1" 304
[20/Oct/2022:21:47:08 +0200] 104.248.33.236 TLSv1.2 AES256-SHA "GET /.git/config HTTP/1.1" 310
[20/Oct/2022:21:47:08 +0200] 104.248.33.236 TLSv1.2 AES256-SHA "GET /info.php HTTP/1.1" 307
[20/Oct/2022:21:47:08 +0200] 104.248.33.236 TLSv1.2 AES256-SHA "GET /server-status HTTP/1.1" 308
[20/Oct/2022:21:47:08 +0200] 104.248.33.236 TLSv1.2 AES256-SHA "GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.exporttool.application HTTP/1.1" 348
[20/Oct/2022:21:47:08 +0200] 104.248.33.236 TLSv1.2 AES256-SHA "PUT /api/v2/cmdb/system/admin/admin HTTP/1.1" 319
[20/Oct/2022:21:47:08 +0200] 104.248.33.236 TLSv1.2 AES256-SHA "GET /debug/default/view?panel=config HTTP/1.1" 325
[20/Oct/2022:21:47:08 +0200] 104.248.33.236 TLSv1.2 AES256-SHA "GET /config.json HTTP/1.1" 311
[20/Oct/2022:21:47:08 +0200] 104.248.33.236 TLSv1.2 AES256-SHA "GET /?rest_route=/wp/v2/users/ HTTP/1.1" 317
[20/Oct/2022:21:47:08 +0200] 104.248.33.236 TLSv1.2 AES256-SHA "GET /api/search?folderIds=0 HTTP/1.1" 316
[20/Oct/2022:21:47:08 +0200] 104.248.33.236 TLSv1.2 AES256-SHA "GET /login.action HTTP/1.1" 311
[20/Oct/2022:21:47:09 +0200] 104.248.33.236 TLSv1.2 AES256-SHA "GET /about HTTP/1.1" 305
[20/Oct/2022:21:47:09 +0200] 104.248.33.236 TLSv1.2 AES256-SHA "GET /v2/_catalog HTTP/1.1" 310
[20/Oct/2022:22:01:24 +0200] 194.110.203.41 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /database.bak HTTP/1.1" 406
[20/Oct/2022:23:13:08 +0200] 193.118.53.210 TLSv1.2 AES256-SHA "GET /remote/login HTTP/1.1" 309
[20/Oct/2022:23:24:56 +0200] 185.7.214.218 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /remote/fgt_lang?lang=/../../../..//////////dev/cmdb/sslvpn_websession HTTP/1.1" 452
[20/Oct/2022:23:52:36 +0200] 194.110.203.45 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /database.php.bak HTTP/1.1" 410
[21/Oct/2022:00:09:54 +0200] 194.110.203.38 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /database.php.bak HTTP/1.1" 393
[21/Oct/2022:00:22:44 +0200] 152.89.196.211 TLSv1.2 AES256-SHA "GET /?XDEBUG_SESSION_START=phpstorm HTTP/1.1" 327
[21/Oct/2022:00:51:01 +0200] 34.77.127.183 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 301
[21/Oct/2022:01:33:25 +0200] 192.53.170.243 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301