[15/Nov/2022:01:37:05 +0100] 205.210.31.145 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 383
[15/Nov/2022:01:39:39 +0100] 194.110.203.38 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /localhost.zip HTTP/1.1" 399
[15/Nov/2022:01:42:37 +0100] 104.131.49.83 TLSv1.2 AES256-SHA "GET /ab2g HTTP/1.1" 304
[15/Nov/2022:01:42:38 +0100] 104.131.49.83 TLSv1.2 AES256-SHA "GET /ab2h HTTP/1.1" 304
[15/Nov/2022:01:42:42 +0100] 104.131.49.83 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[15/Nov/2022:02:31:19 +0100] 185.7.214.218 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /remote/fgt_lang?lang=/../../../..//////////dev/cmdb/sslvpn_websession HTTP/1.1" 452
[15/Nov/2022:03:02:41 +0100] 185.180.143.8 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[15/Nov/2022:03:02:53 +0100] 185.180.143.8 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 383
[15/Nov/2022:03:05:24 +0100] 109.248.6.9 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.0" 388
[15/Nov/2022:03:11:49 +0100] 194.110.203.42 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /localhostdb.zip HTTP/1.1" 392
[15/Nov/2022:03:11:57 +0100] 194.110.203.39 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /localhostdb.zip HTTP/1.1" 409
[15/Nov/2022:03:24:56 +0100] 54.216.220.87 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /robots.txt HTTP/1.1" 101
[15/Nov/2022:04:26:40 +0100] 192.241.199.150 TLSv1.2 AES256-SHA "GET /owa/auth/logon.aspx?url=https%3a%2f%2f1%2fecp%2f HTTP/1.1" 335
[15/Nov/2022:04:48:42 +0100] 192.241.192.196 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[15/Nov/2022:04:58:44 +0100] 194.110.203.42 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /localhost_db.zip HTTP/1.1" 410
[15/Nov/2022:05:16:50 +0100] 194.110.203.40 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /localhost_db.zip HTTP/1.1" 402
[15/Nov/2022:05:17:11 +0100] 128.14.133.58 TLSv1.2 AES256-SHA "GET /remote/login HTTP/1.1" 309
[15/Nov/2022:05:31:13 +0100] 194.180.48.125 TLSv1.2 AES256-SHA "GET /explore HTTP/1.1" 306
[15/Nov/2022:06:39:35 +0100] 128.14.141.34 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[15/Nov/2022:06:45:04 +0100] 194.110.203.46 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /localhost-db.zip HTTP/1.1" 410
[15/Nov/2022:06:46:16 +0100] 194.110.203.41 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /localhost-db.zip HTTP/1.1" 393
[15/Nov/2022:06:56:46 +0100] 139.162.238.243 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[15/Nov/2022:07:51:44 +0100] 74.82.47.61 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[15/Nov/2022:08:02:24 +0100] 74.82.47.57 TLSv1.2 AES256-SHA "GET /favicon.ico HTTP/1.1" 309
[15/Nov/2022:08:09:06 +0100] 74.82.47.29 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[15/Nov/2022:08:10:24 +0100] 74.82.47.37 TLSv1.2 AES256-SHA "GET /.git/config HTTP/1.1" 310
[15/Nov/2022:08:45:10 +0100] 194.110.203.40 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /localhost_database.zip HTTP/1.1" 408
[15/Nov/2022:08:49:42 +0100] 194.110.203.39 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /localhost_database.zip HTTP/1.1" 416
[15/Nov/2022:08:57:09 +0100] 152.32.157.251 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 383
[15/Nov/2022:09:03:58 +0100] 128.14.233.55 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 383
[15/Nov/2022:09:13:27 +0100] 194.110.203.60 TLSv1.2 AES256-SHA "GET /js/zimbraMail/share/model/ZmSettings.js HTTP/1.1" 330
[15/Nov/2022:09:42:11 +0100] 185.189.182.234 TLSv1.2 AES256-SHA "GET /Ot2g HTTP/1.1" 379
[15/Nov/2022:10:00:31 +0100] 194.110.203.41 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /localhost-database.zip HTTP/1.1" 408
[15/Nov/2022:10:05:56 +0100] 117.187.173.4 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[15/Nov/2022:11:18:35 +0100] 162.142.125.7 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 383
[15/Nov/2022:11:18:35 +0100] 162.142.125.7 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[15/Nov/2022:11:18:36 +0100] 162.142.125.7 TLSv1.2 AES256-SHA "PRI * HTTP/2.0" 379
[15/Nov/2022:11:49:49 +0100] 128.1.248.42 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[15/Nov/2022:11:51:48 +0100] 152.89.196.211 TLSv1.2 AES256-SHA "GET /?XDEBUG_SESSION_START=phpstorm HTTP/1.1" 327
[15/Nov/2022:11:53:31 +0100] 194.110.203.39 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /localhost_dump.zip HTTP/1.1" 412
[15/Nov/2022:12:29:27 +0100] 192.241.146.145 TLSv1.2 AES256-SHA "GET /ab2g HTTP/1.1" 304
[15/Nov/2022:12:29:29 +0100] 192.241.146.145 TLSv1.2 AES256-SHA "GET /ab2h HTTP/1.1" 304
[15/Nov/2022:12:29:32 +0100] 192.241.146.145 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[15/Nov/2022:13:02:57 +0100] 40.77.167.97 TLSv1.2 AES256-SHA "GET /robots.txt HTTP/1.1" 314
[15/Nov/2022:13:02:58 +0100] 40.77.167.97 TLSv1.2 AES256-SHA "GET /robots.txt HTTP/1.1" 314
[15/Nov/2022:13:03:08 +0100] 207.46.13.44 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 307
[15/Nov/2022:14:16:06 +0100] 185.7.214.218 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /remote/fgt_lang?lang=/../../../..//////////dev/cmdb/sslvpn_websession HTTP/1.1" 452
[15/Nov/2022:14:17:41 +0100] 167.94.138.61 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 383
[15/Nov/2022:14:17:42 +0100] 167.94.138.61 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[15/Nov/2022:14:17:43 +0100] 167.94.138.61 TLSv1.2 AES256-SHA "PRI * HTTP/2.0" 379
[15/Nov/2022:15:55:36 +0100] 87.236.176.128 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[15/Nov/2022:16:28:20 +0100] 179.43.154.151 TLSv1.2 AES256-SHA "GET /.env HTTP/1.1" 304
[15/Nov/2022:16:28:20 +0100] 179.43.154.151 TLSv1.2 AES256-SHA "GET /.env.bak HTTP/1.1" 307
[15/Nov/2022:16:28:20 +0100] 179.43.154.151 TLSv1.2 AES256-SHA "GET /.env.dev HTTP/1.1" 307
[15/Nov/2022:16:28:20 +0100] 179.43.154.151 TLSv1.2 AES256-SHA "GET /.env.development.local HTTP/1.1" 314
[15/Nov/2022:16:28:20 +0100] 179.43.154.151 TLSv1.2 AES256-SHA "GET /.env.dev.local HTTP/1.1" 311
[15/Nov/2022:16:28:20 +0100] 179.43.154.151 TLSv1.2 AES256-SHA "GET /.env.prod HTTP/1.1" 308
[15/Nov/2022:16:28:20 +0100] 179.43.154.151 TLSv1.2 AES256-SHA "GET /.env.prod.local HTTP/1.1" 312
[15/Nov/2022:16:28:20 +0100] 179.43.154.151 TLSv1.2 AES256-SHA "GET /.env.local HTTP/1.1" 309
[15/Nov/2022:16:28:20 +0100] 179.43.154.151 TLSv1.2 AES256-SHA "GET /.env.production.local HTTP/1.1" 315
[15/Nov/2022:16:28:20 +0100] 179.43.154.151 TLSv1.2 AES256-SHA "GET /.env.production HTTP/1.1" 312
[15/Nov/2022:16:28:20 +0100] 179.43.154.151 TLSv1.2 AES256-SHA "GET /.env.backup HTTP/1.1" 310
[15/Nov/2022:16:28:20 +0100] 179.43.154.151 TLSv1.2 AES256-SHA "GET /.env.live HTTP/1.1" 307
[15/Nov/2022:16:28:20 +0100] 179.43.154.151 TLSv1.2 AES256-SHA "GET /.env.stage HTTP/1.1" 308
[15/Nov/2022:16:28:20 +0100] 179.43.154.151 TLSv1.2 AES256-SHA "GET /.env.example HTTP/1.1" 310
[15/Nov/2022:16:28:20 +0100] 179.43.154.151 TLSv1.2 AES256-SHA "GET /.env.www HTTP/1.1" 306
[15/Nov/2022:16:28:20 +0100] 179.43.154.151 TLSv1.2 AES256-SHA "GET /.env.old HTTP/1.1" 307
[15/Nov/2022:16:28:20 +0100] 179.43.154.151 TLSv1.2 AES256-SHA "GET /.env.save HTTP/1.1" 307
[15/Nov/2022:16:28:20 +0100] 179.43.154.151 TLSv1.2 AES256-SHA "GET /.env_1 HTTP/1.1" 306
[15/Nov/2022:16:28:20 +0100] 179.43.154.151 TLSv1.2 AES256-SHA "GET /api/.env HTTP/1.1" 307
[15/Nov/2022:16:28:20 +0100] 179.43.154.151 TLSv1.2 AES256-SHA "GET /.env_sample HTTP/1.1" 309
[15/Nov/2022:16:42:34 +0100] 192.241.198.152 TLSv1.2 AES256-SHA "GET /autodiscover/autodiscover.json?@zdi/Powershell HTTP/1.1" 328
[15/Nov/2022:16:56:39 +0100] 194.110.203.41 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /localhost_backup.zip HTTP/1.1" 406
[15/Nov/2022:17:07:12 +0100] 183.136.225.32 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 383
[15/Nov/2022:17:17:37 +0100] 183.136.225.32 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[15/Nov/2022:17:18:44 +0100] 183.136.225.32 TLSv1.2 AES256-SHA "GET /robots.txt HTTP/1.1" 308
[15/Nov/2022:18:09:01 +0100] 194.180.48.125 TLSv1.2 AES256-SHA "GET /explore HTTP/1.1" 306
[15/Nov/2022:18:10:27 +0100] 172.104.193.53 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[15/Nov/2022:18:22:23 +0100] 192.46.234.99 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[15/Nov/2022:18:49:14 +0100] 198.12.252.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /localhost-backup.zip HTTP/1.1" 414
[15/Nov/2022:19:15:53 +0100] 94.102.61.8 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 301
[15/Nov/2022:20:50:02 +0100] 185.180.143.71 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[15/Nov/2022:20:52:06 +0100] 194.110.203.45 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /backuplocalhost.zip HTTP/1.1" 396
[15/Nov/2022:20:56:18 +0100] 106.75.178.196 TLSv1.2 AES256-SHA "{\"method\":\"login\",\"params\":{\"login\":\"45JymPWP1DeQxxMZNJv9w2bTQ2WJDAmw18wUSryDQa3RPrympJPoUSVcFEDv3bhiMJGWaCD4a3KrFCorJHCMqXJUKApSKDV\",\"pass\":\"xxoo\",\"agent\":\"xmr-stak-cpu/1.3.0-1.5.0\"},\"id\":1}" 379
[15/Nov/2022:20:56:20 +0100] 106.75.178.196 TLSv1.2 AES256-SHA "{\"id\":1,\"method\":\"mining.subscribe\",\"params\":[]}" 379
[15/Nov/2022:20:56:21 +0100] 106.75.178.196 TLSv1.2 AES256-SHA "{\"params\": [\"miner1\", \"password\"], \"id\": 2, \"method\": \"mining.authorize\"}" 379
[15/Nov/2022:20:56:22 +0100] 106.75.178.196 TLSv1.2 AES256-SHA "{\"id\":1,\"jsonrpc\":\"2.0\",\"method\":\"login\",\"params\":{\"login\":\"blue1\",\"pass\":\"x\",\"agent\":\"Windows NT 6.1; Win64; x64\"}}" 379
[15/Nov/2022:20:56:24 +0100] 106.75.178.196 TLSv1.2 AES256-SHA "{\"params\": [\"miner1\", \"bf\", \"00000001\", \"504e86ed\", \"b2957c02\"], \"id\": 4, \"method\": \"mining.submit\"}" 379
[15/Nov/2022:20:56:26 +0100] 106.75.178.196 TLSv1.2 AES256-SHA "{\"id\":1,\"jsonrpc\":\"2.0\",\"method\":\"login\",\"params\":{\"login\":\"x\",\"pass\":\"null\",\"agent\":\"XMRig/5.13.1\",\"algo\":[\"cn/1\",\"cn/2\",\"cn/r\",\"cn/fast\",\"cn/half\",\"cn/xao\",\"cn/rto\",\"cn/rwz\",\"cn/zls\",\"cn/double\",\"rx/0\",\"rx/wow\",\"rx/loki\",\"rx/arq\",\"rx/sfx\",\"rx/keva\"]}}" 379
[15/Nov/2022:21:16:16 +0100] 185.7.214.218 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /remote/fgt_lang?lang=/../../../..//////////dev/cmdb/sslvpn_websession HTTP/1.1" 452
[15/Nov/2022:21:34:44 +0100] 146.88.240.11 - - "-" -
[15/Nov/2022:22:15:06 +0100] 208.67.106.91 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /wp-content/plugins/ioptimization/IOptimize.php?rchk HTTP/1.1" 329
[15/Nov/2022:22:29:07 +0100] 60.217.75.70 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[15/Nov/2022:22:29:57 +0100] 185.81.157.186 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.env HTTP/1.1" 387
[15/Nov/2022:22:30:06 +0100] 185.81.157.186 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.env.example HTTP/1.1" 395
[15/Nov/2022:22:30:21 +0100] 185.81.157.186 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /_profiler/phpinfo HTTP/1.1" 400
[15/Nov/2022:22:30:50 +0100] 185.81.157.186 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST / HTTP/1.1" 383
[15/Nov/2022:22:32:00 +0100] 198.12.252.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /backup-localhost.zip HTTP/1.1" 397
[15/Nov/2022:22:37:45 +0100] 198.12.252.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /backup-localhost.zip HTTP/1.1" 414
[15/Nov/2022:22:39:51 +0100] 77.74.177.119 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[15/Nov/2022:22:50:28 +0100] 128.14.141.34 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[15/Nov/2022:22:55:36 +0100] 3.235.173.225 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.git/config HTTP/1.1" 304
[15/Nov/2022:22:55:37 +0100] 3.235.173.225 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.git/config HTTP/1.1" 304
[15/Nov/2022:23:03:21 +0100] 13.71.128.118 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 383
[15/Nov/2022:23:03:32 +0100] 167.248.133.46 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 383
[15/Nov/2022:23:03:32 +0100] 167.248.133.46 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[15/Nov/2022:23:03:33 +0100] 167.248.133.46 TLSv1.2 AES256-SHA "PRI * HTTP/2.0" 379
[15/Nov/2022:23:33:10 +0100] 194.110.203.38 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /backup_localhost.zip HTTP/1.1" 406
[15/Nov/2022:23:52:04 +0100] 194.110.203.38 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /backup_localhost.zip HTTP/1.1" 414
[16/Nov/2022:00:11:44 +0100] 34.78.6.216 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 301
[16/Nov/2022:00:40:57 +0100] 77.74.177.119 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301