[21/Oct/2022:02:02:20 +0200] 194.110.203.42 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /database.php.bck HTTP/1.1" 402
[21/Oct/2022:02:10:22 +0200] 194.110.203.46 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /database.php.bck HTTP/1.1" 410
[21/Oct/2022:02:12:49 +0200] 192.241.215.109 TLSv1.2 AES256-SHA "GET /owa/auth/logon.aspx HTTP/1.1" 314
[21/Oct/2022:02:12:59 +0200] 104.248.51.8 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 383
[21/Oct/2022:02:13:21 +0200] 192.241.212.246 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[21/Oct/2022:02:15:25 +0200] 192.241.217.209 TLSv1.2 AES256-SHA "GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.exporttool.application HTTP/1.1" 348
[21/Oct/2022:02:19:11 +0200] 192.241.219.55 TLSv1.2 AES256-SHA "GET /owa/auth/x.js HTTP/1.1" 310
[21/Oct/2022:02:36:03 +0200] 188.166.1.15 TLSv1.2 AES256-SHA "GET /ab2g HTTP/1.1" 304
[21/Oct/2022:02:42:17 +0200] 128.1.248.26 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[21/Oct/2022:03:10:54 +0200] 213.32.122.82 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 383
[21/Oct/2022:03:18:30 +0200] 194.110.203.42 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /database.php.bck HTTP/1.1" 393
[21/Oct/2022:03:51:22 +0200] 121.41.110.39 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /api/Ticket/query?m=18900547892&refer__2377=eu0%3DiKY5DK0ITxBkP56KGI94Wq7KQDCFtleD HTTP/1.1" 383
[21/Oct/2022:04:15:36 +0200] 194.110.203.44 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /inc/config.php~ HTTP/1.1" 392
[21/Oct/2022:04:23:18 +0200] 194.110.203.38 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /inc/config.php~ HTTP/1.1" 401
[21/Oct/2022:05:53:21 +0200] 152.89.196.211 TLSv1.2 AES256-SHA "GET /_ignition/execute-solution HTTP/1.1" 319
[21/Oct/2022:06:04:22 +0200] 194.110.203.39 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /inc/config.php~ HTTP/1.1" 409
[21/Oct/2022:06:42:19 +0200] 128.14.133.58 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[21/Oct/2022:06:57:26 +0200] 64.62.197.97 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[21/Oct/2022:07:05:45 +0200] 64.62.197.106 TLSv1.2 AES256-SHA "GET /favicon.ico HTTP/1.1" 309
[21/Oct/2022:07:10:12 +0200] 64.62.197.93 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[21/Oct/2022:07:13:25 +0200] 185.7.214.218 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /remote/fgt_lang?lang=/../../../..//////////dev/cmdb/sslvpn_websession HTTP/1.1" 452
[21/Oct/2022:07:55:21 +0200] 159.65.33.124 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 301
[21/Oct/2022:07:55:23 +0200] 159.65.33.124 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 754
[21/Oct/2022:07:55:25 +0200] 159.65.33.124 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /favicon.ico HTTP/1.1" 1150
[21/Oct/2022:08:00:35 +0200] 194.110.203.46 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /inc/config.bck HTTP/1.1" 391
[21/Oct/2022:08:51:48 +0200] 183.136.225.35 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 383
[21/Oct/2022:08:52:40 +0200] 183.136.225.35 TLSv1.2 AES256-SHA "GET /favicon.ico HTTP/1.1" 309
[21/Oct/2022:09:04:36 +0200] 193.106.29.122 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.0" 388
[21/Oct/2022:09:14:41 +0200] 34.221.48.44 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 306
[21/Oct/2022:09:15:03 +0200] 35.85.62.246 TLSv1.2 AES256-SHA "GET /favicon.ico HTTP/1.1" 313
[21/Oct/2022:09:20:58 +0200] 152.89.196.211 TLSv1.2 AES256-SHA "GET /actuator/gateway/routes HTTP/1.1" 315
[21/Oct/2022:09:34:46 +0200] 152.89.196.23 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /remote/fgt_lang?lang=/../../../..//////////dev/cmdb/sslvpn_websession HTTP/1.1" 452
[21/Oct/2022:09:58:55 +0200] 185.180.143.81 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[21/Oct/2022:09:58:57 +0200] 185.180.143.81 TLSv1.2 AES256-SHA "GET /webfig/ HTTP/1.1" 307
[21/Oct/2022:10:23:20 +0200] 194.110.203.41 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /inc/config.php.bak HTTP/1.1" 412
[21/Oct/2022:12:21:49 +0200] 194.110.203.47 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /inc/config.php.bck HTTP/1.1" 395
[21/Oct/2022:12:25:55 +0200] 194.110.203.45 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /inc/config.php.bck HTTP/1.1" 412
[21/Oct/2022:12:44:16 +0200] 85.159.211.146 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 301
[21/Oct/2022:12:57:53 +0200] 43.134.92.159 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 500
[21/Oct/2022:13:27:06 +0200] 192.241.206.226 TLSv1.2 AES256-SHA "GET /autodiscover/autodiscover.json?@zdi/Powershell HTTP/1.1" 328
[21/Oct/2022:13:52:35 +0200] 40.77.167.97 TLSv1.2 AES256-SHA "GET /robots.txt HTTP/1.1" 314
[21/Oct/2022:13:52:36 +0200] 40.77.167.97 TLSv1.2 AES256-SHA "GET /robots.txt HTTP/1.1" 314
[21/Oct/2022:13:52:40 +0200] 157.55.39.215 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 307
[21/Oct/2022:14:34:58 +0200] 198.235.24.166 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 383
[21/Oct/2022:15:02:17 +0200] 34.219.44.169 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 295
[21/Oct/2022:15:02:43 +0200] 34.219.151.48 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 295
[21/Oct/2022:15:06:24 +0200] 194.110.203.46 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /inc/db.php~ HTTP/1.1" 388
[21/Oct/2022:15:36:19 +0200] 128.14.134.170 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[21/Oct/2022:16:03:27 +0200] 185.200.118.182 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 297
[21/Oct/2022:16:30:11 +0200] 194.110.203.47 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /inc/db.bck HTTP/1.1" 404
[21/Oct/2022:16:37:59 +0200] 194.110.203.45 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /inc/db.bck HTTP/1.1" 387
[21/Oct/2022:17:19:36 +0200] 205.210.31.142 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 377
[21/Oct/2022:17:55:52 +0200] 41.92.44.204 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.env HTTP/1.1" 304
[21/Oct/2022:17:55:56 +0200] 41.92.44.204 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST / HTTP/1.1" 301
[21/Oct/2022:18:16:12 +0200] 194.110.203.38 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /inc/db.bak HTTP/1.1" 396
[21/Oct/2022:18:16:30 +0200] 198.235.24.138 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 380
[21/Oct/2022:18:25:28 +0200] 152.89.196.211 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[21/Oct/2022:18:26:24 +0200] 137.184.220.167 TLSv1.2 AES256-SHA "GET /ab2g HTTP/1.1" 304
[21/Oct/2022:18:26:25 +0200] 137.184.220.167 TLSv1.2 AES256-SHA "GET /ab2h HTTP/1.1" 304
[21/Oct/2022:18:26:29 +0200] 137.184.220.167 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[21/Oct/2022:18:47:42 +0200] 194.110.203.44 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /inc/db.bak HTTP/1.1" 387
[21/Oct/2022:18:49:49 +0200] 20.244.11.51 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.env HTTP/1.1" 304
[21/Oct/2022:18:50:07 +0200] 20.244.11.51 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST / HTTP/1.1" 301
[21/Oct/2022:19:12:37 +0200] 152.89.196.211 TLSv1.2 AES256-SHA "POST /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1" 331
[21/Oct/2022:19:57:46 +0200] 193.235.141.171 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 307
[21/Oct/2022:20:30:47 +0200] 152.89.196.211 TLSv1.2 AES256-SHA "GET /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1" 331
[21/Oct/2022:21:14:20 +0200] 192.241.215.65 TLSv1.2 AES256-SHA "GET /owa/auth/logon.aspx?url=https%3a%2f%2f1%2fecp%2f HTTP/1.1" 335
[21/Oct/2022:21:30:47 +0200] 198.12.252.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /inc/db.php.bak HTTP/1.1" 408
[21/Oct/2022:22:16:09 +0200] 192.241.207.202 TLSv1.2 AES256-SHA "GET /version HTTP/1.1" 305
[21/Oct/2022:22:37:06 +0200] 103.149.192.67 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[21/Oct/2022:22:50:02 +0200] 152.89.196.211 TLSv1.2 AES256-SHA "GET /actuator/gateway/routes HTTP/1.1" 315
[21/Oct/2022:22:53:32 +0200] 194.110.203.46 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /inc/db.php.bck HTTP/1.1" 408
[21/Oct/2022:23:24:14 +0200] 194.110.203.46 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /inc/db.php.bck HTTP/1.1" 391
[22/Oct/2022:00:03:34 +0200] 162.221.192.26 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[22/Oct/2022:00:13:17 +0200] 152.89.196.23 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /remote/fgt_lang?lang=/../../../..//////////dev/cmdb/sslvpn_websession HTTP/1.1" 452
[22/Oct/2022:00:35:13 +0200] 167.94.138.62 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 383
[22/Oct/2022:00:35:14 +0200] 167.94.138.62 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[22/Oct/2022:00:35:15 +0200] 167.94.138.62 TLSv1.2 AES256-SHA "PRI * HTTP/2.0" 379
[22/Oct/2022:00:36:12 +0200] 194.110.203.40 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /inc/database.php~ HTTP/1.1" 394
[22/Oct/2022:01:02:53 +0200] 194.110.203.40 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /inc/database.php~ HTTP/1.1" 411
[22/Oct/2022:01:13:06 +0200] 34.140.248.32 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 301
[22/Oct/2022:01:21:58 +0200] 87.236.176.205 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[22/Oct/2022:01:35:54 +0200] 194.110.203.45 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /inc/database.php~ HTTP/1.1" 403