[25/Nov/2022:01:15:11 +0100] 24.199.83.252 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 383
[25/Nov/2022:01:40:35 +0100] 93.159.230.83 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 304
[25/Nov/2022:01:40:53 +0100] 185.7.214.218 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /remote/fgt_lang?lang=/../../../..//////////dev/cmdb/sslvpn_websession HTTP/1.1" 452
[25/Nov/2022:02:10:08 +0100] 194.110.203.42 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /dump.7z HTTP/1.1" 401
[25/Nov/2022:02:17:59 +0100] 194.110.203.39 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /dump.7z HTTP/1.1" 393
[25/Nov/2022:02:40:38 +0100] 93.159.230.87 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 304
[25/Nov/2022:02:42:38 +0100] 179.43.177.154 TLSv1.2 AES256-SHA "GET /wp-content/.git/config HTTP/1.1" 315
[25/Nov/2022:03:16:47 +0100] 184.105.247.252 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[25/Nov/2022:03:28:34 +0100] 184.105.247.238 TLSv1.2 AES256-SHA "GET /favicon.ico HTTP/1.1" 309
[25/Nov/2022:03:34:27 +0100] 184.105.247.247 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[25/Nov/2022:03:40:58 +0100] 93.159.230.88 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 304
[25/Nov/2022:04:37:06 +0100] 193.106.29.122 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.0" 388
[25/Nov/2022:04:41:02 +0100] 93.159.230.88 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 304
[25/Nov/2022:05:12:09 +0100] 192.241.208.7 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[25/Nov/2022:05:18:35 +0100] 194.110.203.44 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /dbdump.7z HTTP/1.1" 403
[25/Nov/2022:05:36:02 +0100] 167.94.138.46 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 383
[25/Nov/2022:05:36:03 +0100] 167.94.138.46 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[25/Nov/2022:05:36:04 +0100] 167.94.138.46 TLSv1.2 AES256-SHA "PRI * HTTP/2.0" 379
[25/Nov/2022:05:40:48 +0100] 93.159.230.89 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 304
[25/Nov/2022:06:41:20 +0100] 93.159.230.83 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 304
[25/Nov/2022:06:42:54 +0100] 134.209.157.159 TLSv1.2 AES256-SHA "GET /ab2g HTTP/1.1" 304
[25/Nov/2022:06:42:56 +0100] 134.209.157.159 TLSv1.2 AES256-SHA "GET /ab2h HTTP/1.1" 304
[25/Nov/2022:06:43:01 +0100] 134.209.157.159 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[25/Nov/2022:07:22:18 +0100] 198.235.24.54 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 393
[25/Nov/2022:07:41:04 +0100] 93.159.230.89 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 304
[25/Nov/2022:07:53:20 +0100] 192.241.210.7 TLSv1.2 AES256-SHA "GET /owa/auth/logon.aspx?url=https%3a%2f%2f1%2fecp%2f HTTP/1.1" 335
[25/Nov/2022:08:35:20 +0100] 162.142.125.8 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 383
[25/Nov/2022:08:35:21 +0100] 162.142.125.8 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[25/Nov/2022:08:35:21 +0100] 162.142.125.8 TLSv1.2 AES256-SHA "PRI * HTTP/2.0" 379
[25/Nov/2022:08:37:02 +0100] 194.110.203.44 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /backup.7z HTTP/1.1" 386
[25/Nov/2022:08:41:01 +0100] 93.159.230.88 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 304
[25/Nov/2022:09:33:15 +0100] 185.180.143.76 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[25/Nov/2022:09:41:30 +0100] 93.159.230.87 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 304
[25/Nov/2022:09:53:03 +0100] 194.110.203.44 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /localhost.7z HTTP/1.1" 406
[25/Nov/2022:10:01:05 +0100] 192.241.192.92 TLSv1.2 AES256-SHA "GET /actuator/health HTTP/1.1" 310
[25/Nov/2022:10:19:42 +0100] 185.7.214.218 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /remote/fgt_lang?lang=/../../../..//////////dev/cmdb/sslvpn_websession HTTP/1.1" 452
[25/Nov/2022:10:39:31 +0100] 194.110.203.42 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /localhost.7z HTTP/1.1" 389
[25/Nov/2022:10:41:18 +0100] 93.159.230.89 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 304
[25/Nov/2022:10:49:19 +0100] 94.102.56.151 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 383
[25/Nov/2022:11:19:13 +0100] 152.89.196.211 TLSv1.2 AES256-SHA "GET /?XDEBUG_SESSION_START=phpstorm HTTP/1.1" 327
[25/Nov/2022:11:41:59 +0100] 77.74.177.119 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 304
[25/Nov/2022:11:47:56 +0100] 194.110.203.38 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /localhostdb.7z HTTP/1.1" 391
[25/Nov/2022:11:51:37 +0100] 152.89.196.211 TLSv1.2 AES256-SHA "POST /mifs/.;/services/LogService HTTP/1.1" 318
[25/Nov/2022:12:15:20 +0100] 198.235.24.59 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 383
[25/Nov/2022:12:27:37 +0100] 80.85.84.177 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 301
[25/Nov/2022:13:04:56 +0100] 154.89.5.210 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 383
[25/Nov/2022:13:25:42 +0100] 194.110.203.42 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /localhost_db.7z HTTP/1.1" 392
[25/Nov/2022:14:11:49 +0100] 194.110.203.46 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /localhost_db.7z HTTP/1.1" 409
[25/Nov/2022:14:13:18 +0100] 152.89.196.211 TLSv1.2 AES256-SHA "GET /console/ HTTP/1.1" 307
[25/Nov/2022:14:36:34 +0100] 185.66.88.47 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[25/Nov/2022:14:36:34 +0100] 185.66.88.47 TLSv1.2 AES256-SHA "GET /favicon.ico HTTP/1.1" 309
[25/Nov/2022:14:43:54 +0100] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.env HTTP/1.1" 304
[25/Nov/2022:14:43:55 +0100] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /.env HTTP/1.1" 304
[25/Nov/2022:14:43:55 +0100] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.aws/credentials HTTP/1.1" 311
[25/Nov/2022:14:43:56 +0100] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /.aws/credentials HTTP/1.1" 311
[25/Nov/2022:14:43:56 +0100] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.aws/config HTTP/1.1" 310
[25/Nov/2022:14:43:57 +0100] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /.aws/config HTTP/1.1" 310
[25/Nov/2022:14:43:57 +0100] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /aws/credentials HTTP/1.1" 310
[25/Nov/2022:14:43:58 +0100] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /aws/credentials HTTP/1.1" 310
[25/Nov/2022:14:43:58 +0100] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /credentials HTTP/1.1" 308
[25/Nov/2022:14:43:59 +0100] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /credentials HTTP/1.1" 308
[25/Nov/2022:14:43:59 +0100] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /test.php HTTP/1.1" 306
[25/Nov/2022:14:44:00 +0100] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /test.php HTTP/1.1" 306
[25/Nov/2022:14:44:00 +0100] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /laravel/.env HTTP/1.1" 309
[25/Nov/2022:14:44:01 +0100] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /laravel/.env HTTP/1.1" 309
[25/Nov/2022:14:44:01 +0100] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /demo/.env HTTP/1.1" 307
[25/Nov/2022:14:44:02 +0100] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /demo/.env HTTP/1.1" 307
[25/Nov/2022:14:44:02 +0100] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /web/.env HTTP/1.1" 307
[25/Nov/2022:14:44:03 +0100] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /web/.env HTTP/1.1" 307
[25/Nov/2022:14:44:03 +0100] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /phpinfo HTTP/1.1" 307
[25/Nov/2022:14:44:04 +0100] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /phpinfo HTTP/1.1" 307
[25/Nov/2022:15:37:23 +0100] 152.89.196.211 TLSv1.2 AES256-SHA "POST /Autodiscover/Autodiscover.xml HTTP/1.1" 315
[25/Nov/2022:15:41:13 +0100] 23.81.180.11 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "" 379
[25/Nov/2022:15:43:36 +0100] 51.158.103.247 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 389
[25/Nov/2022:16:26:03 +0100] 162.142.125.8 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 383
[25/Nov/2022:16:26:04 +0100] 162.142.125.8 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[25/Nov/2022:16:26:05 +0100] 162.142.125.8 TLSv1.2 AES256-SHA "PRI * HTTP/2.0" 379
[25/Nov/2022:16:36:55 +0100] 163.172.180.25 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 400
[25/Nov/2022:16:46:10 +0100] 152.89.196.211 TLSv1.2 AES256-SHA "GET /_ignition/execute-solution HTTP/1.1" 319
[25/Nov/2022:17:50:31 +0100] 152.89.196.211 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[25/Nov/2022:18:25:03 +0100] 185.7.214.218 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /remote/fgt_lang?lang=/../../../..//////////dev/cmdb/sslvpn_websession HTTP/1.1" 452
[25/Nov/2022:19:16:19 +0100] 152.89.196.211 TLSv1.2 AES256-SHA "POST /cgi-bin/.%2e/.%2e/.%2e/.%2e/bin/sh HTTP/1.1" 293
[25/Nov/2022:19:21:31 +0100] 194.110.203.45 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /localhost-database.7z HTTP/1.1" 398
[25/Nov/2022:19:56:41 +0100] 89.248.163.204 - - "-" -
[25/Nov/2022:20:27:03 +0100] 152.89.196.211 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[25/Nov/2022:21:04:51 +0100] 35.216.166.72 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 379
[25/Nov/2022:21:04:53 +0100] 35.216.166.72 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 383
[25/Nov/2022:21:04:58 +0100] 35.216.166.72 TLSv1.2 AES256-SHA "GET /.DS_Store HTTP/1.1" 307
[25/Nov/2022:21:04:58 +0100] 35.216.166.72 TLSv1.2 AES256-SHA "GET /.git/config HTTP/1.1" 310
[25/Nov/2022:21:04:59 +0100] 35.216.166.72 TLSv1.2 AES256-SHA "GET /server-status HTTP/1.1" 308
[25/Nov/2022:21:04:59 +0100] 35.216.166.72 TLSv1.2 AES256-SHA "GET /config.json HTTP/1.1" 311
[25/Nov/2022:21:04:59 +0100] 35.216.166.72 TLSv1.2 AES256-SHA "GET /.env HTTP/1.1" 304
[25/Nov/2022:21:05:00 +0100] 35.216.166.72 TLSv1.2 AES256-SHA "GET /idx_config/ HTTP/1.1" 310
[25/Nov/2022:21:05:00 +0100] 35.216.166.72 TLSv1.2 AES256-SHA "GET /telescope/requests HTTP/1.1" 311
[25/Nov/2022:21:05:01 +0100] 35.216.166.72 TLSv1.2 AES256-SHA "GET /info.php HTTP/1.1" 307
[25/Nov/2022:21:25:31 +0100] 194.110.203.41 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /localhost_dump.7z HTTP/1.1" 394
[25/Nov/2022:21:49:25 +0100] 152.89.196.211 TLSv1.2 AES256-SHA "GET /actuator/gateway/routes HTTP/1.1" 315
[25/Nov/2022:22:08:31 +0100] 23.251.102.74 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[25/Nov/2022:22:20:02 +0100] 205.210.31.52 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 377
[25/Nov/2022:22:44:42 +0100] 159.65.94.153 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.env HTTP/1.1" 298
[25/Nov/2022:22:44:42 +0100] 159.65.94.153 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST / HTTP/1.1" 295
[25/Nov/2022:23:43:46 +0100] 139.59.119.203 TLSv1.2 AES256-SHA "GET /ab2g HTTP/1.1" 304
[25/Nov/2022:23:43:49 +0100] 139.59.119.203 TLSv1.2 AES256-SHA "GET /ab2h HTTP/1.1" 304
[25/Nov/2022:23:43:57 +0100] 139.59.119.203 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[25/Nov/2022:23:55:35 +0100] 194.110.203.38 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /localhost-dump.7z HTTP/1.1" 403
[26/Nov/2022:00:05:09 +0100] 35.212.26.22 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "" 379
[26/Nov/2022:00:05:27 +0100] 128.14.134.170 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[26/Nov/2022:00:18:29 +0100] 35.195.93.98 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 301
[26/Nov/2022:00:40:30 +0100] 192.241.207.181 TLSv1.2 AES256-SHA "GET /autodiscover/autodiscover.json?@zdi/Powershell HTTP/1.1" 328