[19/Nov/2022:01:21:43 +0100] 138.246.253.24 TLSv1.2 AES256-SHA "GET /robots.txt HTTP/1.1" 404
[19/Nov/2022:01:53:10 +0100] 128.14.141.34 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[19/Nov/2022:02:01:00 +0100] 194.180.48.125 TLSv1.2 AES256-SHA "GET /explore HTTP/1.1" 306
[19/Nov/2022:02:54:56 +0100] 198.12.252.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /localhost-backup.tar.gz HTTP/1.1" 400
[19/Nov/2022:03:18:44 +0100] 152.89.196.211 TLSv1.2 AES256-SHA "POST /cgi-bin/.%2e/.%2e/.%2e/.%2e/bin/sh HTTP/1.1" 293
[19/Nov/2022:03:25:53 +0100] 103.149.192.31 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[19/Nov/2022:03:33:22 +0100] 185.7.214.218 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /remote/fgt_lang?lang=/../../../..//////////dev/cmdb/sslvpn_websession HTTP/1.1" 452
[19/Nov/2022:03:50:31 +0100] 194.110.203.47 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /backuplocalhost.tar.gz HTTP/1.1" 399
[19/Nov/2022:04:09:19 +0100] 128.14.141.34 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[19/Nov/2022:04:16:51 +0100] 106.75.129.215 TLSv1.2 AES256-SHA "{\"method\":\"login\",\"params\":{\"login\":\"45JymPWP1DeQxxMZNJv9w2bTQ2WJDAmw18wUSryDQa3RPrympJPoUSVcFEDv3bhiMJGWaCD4a3KrFCorJHCMqXJUKApSKDV\",\"pass\":\"xxoo\",\"agent\":\"xmr-stak-cpu/1.3.0-1.5.0\"},\"id\":1}" 379
[19/Nov/2022:04:16:52 +0100] 106.75.129.215 TLSv1.2 AES256-SHA "{\"id\":1,\"method\":\"mining.subscribe\",\"params\":[]}" 379
[19/Nov/2022:04:16:54 +0100] 106.75.129.215 TLSv1.2 AES256-SHA "{\"params\": [\"miner1\", \"password\"], \"id\": 2, \"method\": \"mining.authorize\"}" 379
[19/Nov/2022:04:16:55 +0100] 106.75.129.215 TLSv1.2 AES256-SHA "{\"id\":1,\"jsonrpc\":\"2.0\",\"method\":\"login\",\"params\":{\"login\":\"blue1\",\"pass\":\"x\",\"agent\":\"Windows NT 6.1; Win64; x64\"}}" 379
[19/Nov/2022:04:16:56 +0100] 106.75.129.215 TLSv1.2 AES256-SHA "{\"params\": [\"miner1\", \"bf\", \"00000001\", \"504e86ed\", \"b2957c02\"], \"id\": 4, \"method\": \"mining.submit\"}" 379
[19/Nov/2022:04:16:58 +0100] 106.75.129.215 TLSv1.2 AES256-SHA "{\"id\":1,\"jsonrpc\":\"2.0\",\"method\":\"login\",\"params\":{\"login\":\"x\",\"pass\":\"null\",\"agent\":\"XMRig/5.13.1\",\"algo\":[\"cn/1\",\"cn/2\",\"cn/r\",\"cn/fast\",\"cn/half\",\"cn/xao\",\"cn/rto\",\"cn/rwz\",\"cn/zls\",\"cn/double\",\"rx/0\",\"rx/wow\",\"rx/loki\",\"rx/arq\",\"rx/sfx\",\"rx/keva\"]}}" 379
[19/Nov/2022:05:04:43 +0100] 192.241.203.234 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[19/Nov/2022:05:25:07 +0100] 198.12.252.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /backup-localhost.tar.gz HTTP/1.1" 417
[19/Nov/2022:05:29:38 +0100] 198.12.252.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /backup-localhost.tar.gz HTTP/1.1" 409
[19/Nov/2022:07:35:10 +0100] 35.195.81.251 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 307
[19/Nov/2022:07:36:03 +0100] 192.241.201.214 TLSv1.2 AES256-SHA "GET /owa/auth/logon.aspx?url=https%3a%2f%2f1%2fecp%2f HTTP/1.1" 335
[19/Nov/2022:07:55:42 +0100] 194.110.203.47 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /backup_localhost.tar.gz HTTP/1.1" 409
[19/Nov/2022:08:48:41 +0100] 194.110.203.42 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /easyzumfuehrerscheindb.tar.gz HTTP/1.1" 423
[19/Nov/2022:09:37:26 +0100] 194.180.48.125 TLSv1.2 AES256-SHA "GET /docker-compose.yml HTTP/1.1" 312
[19/Nov/2022:09:49:09 +0100] 205.210.31.51 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 389
[19/Nov/2022:09:53:20 +0100] 198.235.24.174 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 393
[19/Nov/2022:10:15:32 +0100] 162.142.125.121 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[19/Nov/2022:10:15:33 +0100] 162.142.125.121 TLSv1.2 AES256-SHA "PRI * HTTP/2.0" 379
[19/Nov/2022:10:22:30 +0100] 194.110.203.45 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /harm_db.tar.gz HTTP/1.1" 391
[19/Nov/2022:10:39:13 +0100] 162.248.160.43 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /administration/ac-admin/css/admin-calendar.css HTTP/1.1" 431
[19/Nov/2022:11:01:10 +0100] 185.7.214.218 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /remote/fgt_lang?lang=/../../../..//////////dev/cmdb/sslvpn_websession HTTP/1.1" 452
[19/Nov/2022:11:09:04 +0100] 152.89.196.211 TLSv1.2 AES256-SHA "GET /?XDEBUG_SESSION_START=phpstorm HTTP/1.1" 327
[19/Nov/2022:11:39:13 +0100] 192.241.195.124 TLSv1.2 AES256-SHA "GET /autodiscover/autodiscover.json?@zdi/Powershell HTTP/1.1" 328
[19/Nov/2022:11:44:15 +0100] 183.136.225.32 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 383
[19/Nov/2022:12:00:48 +0100] 183.136.225.32 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[19/Nov/2022:12:01:09 +0100] 183.136.225.32 TLSv1.2 AES256-SHA "GET /favicon.ico HTTP/1.1" 309
[19/Nov/2022:12:01:30 +0100] 183.136.225.32 TLSv1.2 AES256-SHA "GET /robots.txt HTTP/1.1" 308
[19/Nov/2022:12:10:42 +0100] 194.110.203.46 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /harm-db.tar.gz HTTP/1.1" 391
[19/Nov/2022:12:15:42 +0100] 194.110.203.46 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /easyzumfuehrerschein-db.tar.gz HTTP/1.1" 424
[19/Nov/2022:12:35:18 +0100] 138.246.253.24 TLSv1.2 AES256-SHA "GET /robots.txt HTTP/1.1" 403
[19/Nov/2022:12:38:15 +0100] 152.89.196.211 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[19/Nov/2022:13:07:03 +0100] 152.89.196.211 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[19/Nov/2022:13:15:34 +0100] 138.246.253.24 TLSv1.2 AES256-SHA "GET /robots.txt HTTP/1.1" 387
[19/Nov/2022:13:48:14 +0100] 128.14.209.162 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[19/Nov/2022:14:14:12 +0100] 152.89.196.211 TLSv1.2 AES256-SHA "GET /actuator/gateway/routes HTTP/1.1" 315
[19/Nov/2022:14:40:06 +0100] 216.218.206.114 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[19/Nov/2022:14:49:29 +0100] 216.218.206.86 TLSv1.2 AES256-SHA "GET /favicon.ico HTTP/1.1" 309
[19/Nov/2022:14:54:46 +0100] 216.218.206.98 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[19/Nov/2022:14:56:22 +0100] 216.218.206.70 TLSv1.2 AES256-SHA "GET /.git/config HTTP/1.1" 310
[19/Nov/2022:14:58:35 +0100] 194.110.203.47 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /harm_database.tar.gz HTTP/1.1" 397
[19/Nov/2022:15:14:38 +0100] 194.180.48.125 TLSv1.2 AES256-SHA "GET /explore HTTP/1.1" 306
[19/Nov/2022:15:50:59 +0100] 194.110.203.45 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /harm-database.tar.gz HTTP/1.1" 397
[19/Nov/2022:15:58:50 +0100] 45.72.48.130 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 295
[19/Nov/2022:15:58:52 +0100] 45.72.48.130 TLSv1.2 AES256-SHA "GET /robots.txt HTTP/1.1" 302
[19/Nov/2022:15:58:54 +0100] 45.72.48.130 TLSv1.2 AES256-SHA "GET /ads.txt HTTP/1.1" 300
[19/Nov/2022:17:42:56 +0100] 194.110.203.44 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /klub_dump.tar.gz HTTP/1.1" 402
[19/Nov/2022:17:45:02 +0100] 194.110.203.45 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /easyzumfuehrerschein_dump.tar.gz HTTP/1.1" 426
[19/Nov/2022:17:56:07 +0100] 192.241.212.230 TLSv1.2 AES256-SHA "GET /actuator/health HTTP/1.1" 310
[19/Nov/2022:18:10:19 +0100] 89.248.163.204 - - "-" -
[19/Nov/2022:18:26:38 +0100] 94.102.61.8 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 301
[19/Nov/2022:18:44:54 +0100] 194.110.203.42 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /harm_dump.tar.gz HTTP/1.1" 393
[19/Nov/2022:19:14:51 +0100] 51.15.251.143 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 384
[19/Nov/2022:19:46:20 +0100] 194.110.203.38 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /klub-dump.tar.gz HTTP/1.1" 402
[19/Nov/2022:19:47:31 +0100] 89.248.163.204 - - "-" -
[19/Nov/2022:20:27:48 +0100] 109.206.243.162 TLSv1.2 AES256-SHA "GET /explore HTTP/1.1" 306
[19/Nov/2022:20:43:49 +0100] 185.7.214.218 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /remote/fgt_lang?lang=/../../../..//////////dev/cmdb/sslvpn_websession HTTP/1.1" 452
[19/Nov/2022:20:56:10 +0100] 183.136.225.32 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 383
[19/Nov/2022:21:00:57 +0100] 183.136.225.32 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[19/Nov/2022:21:01:18 +0100] 183.136.225.32 TLSv1.2 AES256-SHA "GET /favicon.ico HTTP/1.1" 309
[19/Nov/2022:21:01:41 +0100] 183.136.225.32 TLSv1.2 AES256-SHA "GET /robots.txt HTTP/1.1" 308
[19/Nov/2022:21:11:05 +0100] 194.110.203.42 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /klubbackup.tar.gz HTTP/1.1" 403
[19/Nov/2022:21:33:18 +0100] 194.110.203.40 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /easyzumfuehrerscheinbackup.tar.gz HTTP/1.1" 427
[19/Nov/2022:22:25:03 +0100] 34.211.77.202 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 307
[19/Nov/2022:22:25:17 +0100] 52.39.219.152 TLSv1.2 AES256-SHA "GET /favicon.ico HTTP/1.1" 314
[19/Nov/2022:22:25:20 +0100] 52.39.219.152 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 307
[19/Nov/2022:22:25:30 +0100] 35.88.249.3 TLSv1.2 AES256-SHA "GET /favicon.ico HTTP/1.1" 314
[19/Nov/2022:22:27:15 +0100] 54.187.20.244 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 307
[19/Nov/2022:22:27:41 +0100] 52.39.219.152 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 307
[19/Nov/2022:22:28:07 +0100] 34.208.173.250 TLSv1.2 AES256-SHA "GET /favicon.ico HTTP/1.1" 314
[19/Nov/2022:22:42:30 +0100] 208.67.106.125 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.git/config HTTP/1.1" 316
[19/Nov/2022:22:57:33 +0100] 51.159.99.253 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 383
[19/Nov/2022:22:57:33 +0100] 51.159.99.253 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /favicon.ico HTTP/1.1" 309
[19/Nov/2022:23:15:01 +0100] 194.110.203.46 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /klub_backup.tar.gz HTTP/1.1" 404
[20/Nov/2022:00:13:42 +0100] 35.91.178.25 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 306
[20/Nov/2022:00:20:55 +0100] 52.35.54.56 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 306
[20/Nov/2022:00:22:02 +0100] 35.195.93.98 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 301
[20/Nov/2022:00:23:15 +0100] 208.100.26.249 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 298
[20/Nov/2022:00:34:28 +0100] 43.134.171.148 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[20/Nov/2022:00:34:54 +0100] 43.134.171.148 - - "-" -