[05/Dec/2022:01:18:00 +0100] 54.213.45.145 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 295
[05/Dec/2022:01:19:58 +0100] 54.202.59.224 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 295
[05/Dec/2022:01:34:03 +0100] 185.7.214.218 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /remote/fgt_lang?lang=/../../../..//////////dev/cmdb/sslvpn_websession HTTP/1.1" 452
[05/Dec/2022:02:42:00 +0100] 43.134.234.251 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[05/Dec/2022:02:42:27 +0100] 43.134.234.251 - - "-" -
[05/Dec/2022:02:58:51 +0100] 172.105.246.139 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.0" 388
[05/Dec/2022:02:58:57 +0100] 172.105.246.139 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /CSS/Miniweb.css HTTP/1.1" 398
[05/Dec/2022:02:58:57 +0100] 172.105.246.139 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /docs/cplugError.html/ HTTP/1.1" 404
[05/Dec/2022:02:58:57 +0100] 172.105.246.139 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /Portal0000.htm HTTP/1.1" 397
[05/Dec/2022:02:58:57 +0100] 172.105.246.139 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /pools/default/buckets HTTP/1.1" 404
[05/Dec/2022:02:58:57 +0100] 172.105.246.139 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.0" 388
[05/Dec/2022:02:58:57 +0100] 172.105.246.139 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /?=PHPE9568F36-D428-11d2-A769-00AA001ACF42 HTTP/1.1" 424
[05/Dec/2022:02:58:57 +0100] 172.105.246.139 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /sdk HTTP/1.1" 386
[05/Dec/2022:02:58:57 +0100] 172.105.246.139 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 383
[05/Dec/2022:02:58:57 +0100] 172.105.246.139 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /nmaplowercheck1670205531 HTTP/1.1" 407
[05/Dec/2022:02:58:57 +0100] 172.105.246.139 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 383
[05/Dec/2022:02:58:57 +0100] 172.105.246.139 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.git/HEAD HTTP/1.1" 392
[05/Dec/2022:02:59:07 +0100] 172.105.246.139 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /pools HTTP/1.1" 388
[05/Dec/2022:02:59:07 +0100] 172.105.246.139 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /__Additional HTTP/1.1" 395
[05/Dec/2022:02:59:07 +0100] 172.105.246.139 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /scripts/WPnBr.dll HTTP/1.1" 400
[05/Dec/2022:03:39:08 +0100] 165.22.85.212 TLSv1.2 AES256-SHA "GET /ab2g HTTP/1.1" 304
[05/Dec/2022:03:39:08 +0100] 165.22.85.212 TLSv1.2 AES256-SHA "GET /ab2h HTTP/1.1" 304
[05/Dec/2022:03:39:09 +0100] 165.22.85.212 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[05/Dec/2022:03:39:58 +0100] 194.110.203.46 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /db/database.sql HTTP/1.1" 401
[05/Dec/2022:03:41:59 +0100] 40.77.167.4 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 304
[05/Dec/2022:03:50:41 +0100] 152.89.196.211 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[05/Dec/2022:04:24:27 +0100] 52.91.141.118 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[05/Dec/2022:04:41:25 +0100] 154.89.5.99 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 383
[05/Dec/2022:04:50:05 +0100] 208.100.26.236 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 297
[05/Dec/2022:04:56:11 +0100] 152.89.196.211 TLSv1.2 AES256-SHA "POST /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1" 331
[05/Dec/2022:05:16:41 +0100] 152.89.196.211 TLSv1.2 AES256-SHA "GET /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1" 331
[05/Dec/2022:05:25:41 +0100] 192.241.192.110 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[05/Dec/2022:05:59:49 +0100] 194.110.203.40 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /db/sql.sql HTTP/1.1" 396
[05/Dec/2022:06:04:40 +0100] 144.91.106.14 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 295
[05/Dec/2022:07:00:01 +0100] 216.218.206.67 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[05/Dec/2022:07:05:15 +0100] 208.100.26.244 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 298
[05/Dec/2022:07:10:12 +0100] 216.218.206.115 TLSv1.2 AES256-SHA "GET /favicon.ico HTTP/1.1" 309
[05/Dec/2022:07:12:25 +0100] 194.110.203.46 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /db/sql.sql HTTP/1.1" 404
[05/Dec/2022:07:12:47 +0100] 181.214.218.69 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "-" -
[05/Dec/2022:07:16:07 +0100] 216.218.206.115 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[05/Dec/2022:07:18:09 +0100] 216.218.206.75 TLSv1.2 AES256-SHA "GET /.git/config HTTP/1.1" 310
[05/Dec/2022:07:44:24 +0100] 152.89.196.211 TLSv1.2 AES256-SHA "GET /?XDEBUG_SESSION_START=phpstorm HTTP/1.1" 327
[05/Dec/2022:07:47:58 +0100] 152.89.196.211 TLSv1.2 AES256-SHA "POST /mifs/.;/services/LogService HTTP/1.1" 318
[05/Dec/2022:08:05:14 +0100] 194.110.203.45 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /db/bak.sql HTTP/1.1" 387
[05/Dec/2022:08:07:39 +0100] 192.241.193.82 TLSv1.2 AES256-SHA "GET /owa/auth/logon.aspx?url=https%3a%2f%2f1%2fecp%2f HTTP/1.1" 335
[05/Dec/2022:08:15:40 +0100] 152.89.196.211 TLSv1.2 AES256-SHA "GET /console/ HTTP/1.1" 307
[05/Dec/2022:08:20:11 +0100] 193.106.29.122 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.0" 388
[05/Dec/2022:08:28:18 +0100] 152.89.196.211 TLSv1.2 AES256-SHA "POST /Autodiscover/Autodiscover.xml HTTP/1.1" 315
[05/Dec/2022:09:29:09 +0100] 192.241.204.44 TLSv1.2 AES256-SHA "GET /actuator/health HTTP/1.1" 310
[05/Dec/2022:09:39:44 +0100] 152.89.196.211 TLSv1.2 AES256-SHA "GET /_ignition/execute-solution HTTP/1.1" 319
[05/Dec/2022:10:12:06 +0100] 103.133.111.120 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.env HTTP/1.1" 304
[05/Dec/2022:10:12:08 +0100] 103.133.111.120 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST / HTTP/1.1" 301
[05/Dec/2022:10:32:37 +0100] 152.89.196.211 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[05/Dec/2022:10:39:53 +0100] 194.110.203.45 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /db/bck.sql HTTP/1.1" 396
[05/Dec/2022:11:39:02 +0100] 87.236.176.77 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 295
[05/Dec/2022:11:51:19 +0100] 35.216.244.6 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 379
[05/Dec/2022:11:51:21 +0100] 35.216.244.6 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 383
[05/Dec/2022:11:51:31 +0100] 35.216.244.6 TLSv1.2 AES256-SHA "GET /.DS_Store HTTP/1.1" 307
[05/Dec/2022:11:51:31 +0100] 35.216.244.6 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[05/Dec/2022:11:51:32 +0100] 35.216.244.6 TLSv1.2 AES256-SHA "HEAD /favicon.ico HTTP/1.1" -
[05/Dec/2022:11:51:32 +0100] 35.216.244.6 TLSv1.2 AES256-SHA "GET /favicon.ico HTTP/1.1" 309
[05/Dec/2022:11:51:33 +0100] 35.216.244.6 TLSv1.2 AES256-SHA "GET /favicon.ico HTTP/1.1" 1150
[05/Dec/2022:11:51:34 +0100] 35.216.244.6 TLSv1.2 AES256-SHA "GET /server-status HTTP/1.1" 308
[05/Dec/2022:11:51:34 +0100] 35.216.244.6 TLSv1.2 AES256-SHA "GET /config.json HTTP/1.1" 311
[05/Dec/2022:11:51:35 +0100] 35.216.244.6 TLSv1.2 AES256-SHA "GET /.env HTTP/1.1" 304
[05/Dec/2022:11:51:35 +0100] 35.216.244.6 TLSv1.2 AES256-SHA "GET /idx_config/ HTTP/1.1" 310
[05/Dec/2022:11:51:36 +0100] 35.216.244.6 TLSv1.2 AES256-SHA "GET /telescope/requests HTTP/1.1" 311
[05/Dec/2022:11:51:36 +0100] 35.216.244.6 TLSv1.2 AES256-SHA "GET /info.php HTTP/1.1" 307
[05/Dec/2022:11:51:37 +0100] 35.216.244.6 TLSv1.2 AES256-SHA "GET /.git/config HTTP/1.1" 310
[05/Dec/2022:12:04:46 +0100] 185.7.214.218 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /remote/fgt_lang?lang=/../../../..//////////dev/cmdb/sslvpn_websession HTTP/1.1" 452
[05/Dec/2022:12:23:17 +0100] 63.251.224.106 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /admin/config.php HTTP/1.0" 393
[05/Dec/2022:12:28:59 +0100] 63.251.224.106 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /admin/modules/fw_ari/htdocs_ari/index.php HTTP/1.0" 418
[05/Dec/2022:12:38:20 +0100] 63.251.224.106 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /recordings/index.php HTTP/1.0" 397
[05/Dec/2022:12:56:27 +0100] 194.110.203.40 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /db/harm.at.bak.sql HTTP/1.1" 395
[05/Dec/2022:12:57:05 +0100] 195.133.20.252 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /api/v2/cmdb/system/admin HTTP/1.1" 318
[05/Dec/2022:13:03:17 +0100] 194.110.203.45 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /db/easyzumfuehrerschein.com.bak.sql HTTP/1.1" 429
[05/Dec/2022:13:32:16 +0100] 5.39.220.78 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.0" 388
[05/Dec/2022:13:32:17 +0100] 5.39.220.78 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /logon/LogonPoint/tmindex.html HTTP/1.1" 412
[05/Dec/2022:13:32:17 +0100] 5.39.220.78 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /ui/h5-vsan/rest/proxy/service/com.vmware.vsan.client.services.capability.VsanCapabilityProvider/getClusterCapabilityData HTTP/1.1" 503
[05/Dec/2022:13:32:17 +0100] 5.39.220.78 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /remote/fgt_lang?lang=/../../../..//////////dev/cmdb/sslvpn_websession HTTP/1.1" 452
[05/Dec/2022:13:32:17 +0100] 5.39.220.78 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "PUT /api/v2/cmdb/system/admin/admin HTTP/1.1" 413
[05/Dec/2022:13:32:17 +0100] 5.39.220.78 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /casa/nodes/thumbprints HTTP/1.1" 398
[05/Dec/2022:13:32:17 +0100] 5.39.220.78 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /aspnet-ajax/Telerik.Web.UI.WebResource.axd?type=rau HTTP/1.1" 434
[05/Dec/2022:13:32:17 +0100] 5.39.220.78 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /+CSCOT+/translation-table?type=mst&textdomain=/%2bCSCOE%2b/portal_inc.lua&default-language&lang=../ HTTP/1.1" 498
[05/Dec/2022:13:32:17 +0100] 5.39.220.78 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /rest/applinks/1.0/manifest HTTP/1.1" 409
[05/Dec/2022:13:32:17 +0100] 5.39.220.78 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /dana-na/../dana/html5acc/guacamole/../../../../../../etc/passwd?/dana/html5acc/guacamole/ HTTP/1.1" 374
[05/Dec/2022:13:32:17 +0100] 5.39.220.78 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /autodiscover/autodiscover.json?@abc.com/owa/?&Email=autodiscover/autodiscover.json%3F@abc.com HTTP/1.1" 484
[05/Dec/2022:13:32:17 +0100] 5.39.220.78 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 383
[05/Dec/2022:13:32:17 +0100] 5.39.220.78 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /tmui/login.jsp/..;/tmui/locallb/workspace/fileRead.jsp?fileName=/etc/passwd HTTP/1.1" 458
[05/Dec/2022:13:32:17 +0100] 5.39.220.78 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /Telerik.Web.UI.WebResource.axd?type=rau HTTP/1.1" 422
[05/Dec/2022:13:32:17 +0100] 5.39.220.78 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /secure/rest/applinks/1.0/manifest HTTP/1.1" 416
[05/Dec/2022:13:32:17 +0100] 5.39.220.78 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /ui/login.action HTTP/1.1" 391
[05/Dec/2022:13:32:17 +0100] 5.39.220.78 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /jira/rest/applinks/1.0/manifest HTTP/1.1" 414
[05/Dec/2022:13:32:18 +0100] 5.39.220.78 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /confluence/rest/applinks/1.0/manifest HTTP/1.1" 420
[05/Dec/2022:13:32:18 +0100] 5.39.220.78 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /bitbucket/rest/applinks/1.0/manifest HTTP/1.1" 419
[05/Dec/2022:13:32:18 +0100] 5.39.220.78 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /bamboo/rest/applinks/1.0/manifest HTTP/1.1" 416
[05/Dec/2022:13:32:18 +0100] 5.39.220.78 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /crowd/rest/applinks/1.0/manifest HTTP/1.1" 415
[05/Dec/2022:14:45:02 +0100] 43.134.92.75 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 500
[05/Dec/2022:14:50:57 +0100] 54.177.109.248 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.git/config HTTP/1.1" 310
[05/Dec/2022:14:50:59 +0100] 54.177.109.248 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.git/config HTTP/1.1" 310
[05/Dec/2022:15:12:44 +0100] 194.110.203.41 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /db/klub.kornland.at.bck.sql HTTP/1.1" 413
[05/Dec/2022:15:13:29 +0100] 194.110.203.41 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /db/harm.at.bck.sql HTTP/1.1" 395
[05/Dec/2022:16:10:53 +0100] 47.88.78.6 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[05/Dec/2022:16:10:58 +0100] 47.251.14.232 TLSv1.2 AES256-SHA "GET /Public/home/js/check.js HTTP/1.1" 316
[05/Dec/2022:16:11:01 +0100] 47.88.87.97 TLSv1.2 AES256-SHA "GET /static/admin/javascript/hetong.js HTTP/1.1" 325
[05/Dec/2022:16:29:51 +0100] 209.141.55.120 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[05/Dec/2022:16:29:52 +0100] 209.141.41.193 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 297
[05/Dec/2022:16:29:54 +0100] 205.185.116.89 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[05/Dec/2022:16:29:54 +0100] 209.141.34.187 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 295
[05/Dec/2022:16:29:58 +0100] 209.141.51.222 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[05/Dec/2022:16:29:59 +0100] 209.141.34.187 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 297
[05/Dec/2022:16:30:03 +0100] 205.185.116.25 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 295
[05/Dec/2022:16:30:15 +0100] 209.141.34.187 TLSv1.2 AES256-SHA "GET /favicon.ico HTTP/1.1" 305
[05/Dec/2022:16:30:16 +0100] 209.141.49.169 TLSv1.2 AES256-SHA "GET /favicon.ico HTTP/1.1" 308
[05/Dec/2022:16:30:22 +0100] 209.141.49.169 TLSv1.2 AES256-SHA "GET /favicon.ico HTTP/1.1" 302
[05/Dec/2022:16:30:23 +0100] 209.141.36.231 - - "-" -
[05/Dec/2022:16:34:54 +0100] 209.141.51.222 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 297
[05/Dec/2022:16:35:01 +0100] 205.185.122.184 TLSv1.2 AES256-SHA "GET /favicon.ico HTTP/1.1" 305
[05/Dec/2022:16:36:41 +0100] 185.73.125.93 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /api/v2/cmdb/system/admin HTTP/1.1" 318
[05/Dec/2022:17:05:11 +0100] 152.89.196.103 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /api/v2/cmdb/system/admin HTTP/1.1" 318
[05/Dec/2022:17:38:21 +0100] 194.110.203.38 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /db/easyzumfuehrerschein.bak.sql HTTP/1.1" 425
[05/Dec/2022:18:11:16 +0100] 185.7.214.218 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /remote/fgt_lang?lang=/../../../..//////////dev/cmdb/sslvpn_websession HTTP/1.1" 452
[05/Dec/2022:18:22:33 +0100] 40.77.167.4 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 304
[05/Dec/2022:19:17:04 +0100] 183.136.225.32 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 383
[05/Dec/2022:19:23:52 +0100] 183.136.225.32 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[05/Dec/2022:19:50:12 +0100] 195.96.137.6 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.0" 388
[05/Dec/2022:19:50:12 +0100] 195.96.137.6 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /CSS/Miniweb.css HTTP/1.1" 398
[05/Dec/2022:19:50:12 +0100] 195.96.137.6 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /scripts/WPnBr.dll HTTP/1.1" 400
[05/Dec/2022:19:50:12 +0100] 195.96.137.6 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 383
[05/Dec/2022:19:50:12 +0100] 195.96.137.6 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /indice.html HTTP/1.1" 394
[05/Dec/2022:19:50:12 +0100] 195.96.137.6 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "SSTP_DUPLEX_POST /sra_{BA195980-CD49-458b-9E23-C84EE0ADCD75}/ HTTP/1.1" 925
[05/Dec/2022:19:50:12 +0100] 195.96.137.6 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /nmaplowercheck1670266212 HTTP/1.1" 407
[05/Dec/2022:19:50:12 +0100] 195.96.137.6 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /Portal/Portal.mwsl HTTP/1.1" 401
[05/Dec/2022:19:50:12 +0100] 195.96.137.6 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /1joR HTTP/1.1" 387
[05/Dec/2022:19:50:13 +0100] 195.96.137.6 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /Portal0000.htm HTTP/1.1" 397
[05/Dec/2022:19:50:13 +0100] 195.96.137.6 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /inicio.aspx HTTP/1.1" 394
[05/Dec/2022:19:50:13 +0100] 195.96.137.6 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.0" 388
[05/Dec/2022:19:50:13 +0100] 195.96.137.6 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 383
[05/Dec/2022:19:50:13 +0100] 195.96.137.6 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /docs/cplugError.html/ HTTP/1.1" 404
[05/Dec/2022:19:50:13 +0100] 195.96.137.6 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /pools/default/buckets HTTP/1.1" 404
[05/Dec/2022:19:50:13 +0100] 195.96.137.6 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "HEAD / HTTP/1.1" -
[05/Dec/2022:19:50:13 +0100] 195.96.137.6 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /sdk HTTP/1.1" 386
[05/Dec/2022:19:50:13 +0100] 195.96.137.6 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /?=PHPE9568F36-D428-11d2-A769-00AA001ACF42 HTTP/1.1" 424
[05/Dec/2022:19:50:13 +0100] 195.96.137.6 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.git/HEAD HTTP/1.1" 392
[05/Dec/2022:19:50:13 +0100] 195.96.137.6 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /localstart.jhtml HTTP/1.1" 399
[05/Dec/2022:19:50:13 +0100] 195.96.137.6 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /__Additional HTTP/1.1" 395
[05/Dec/2022:19:50:13 +0100] 195.96.137.6 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /HNAP1 HTTP/1.1" 388
[05/Dec/2022:19:50:13 +0100] 195.96.137.6 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /pools HTTP/1.1" 388
[05/Dec/2022:19:50:13 +0100] 195.96.137.6 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /?=PHPB8B5F2A0-3C92-11d3-A3A9-4C7B08C10000 HTTP/1.1" 424
[05/Dec/2022:19:50:13 +0100] 195.96.137.6 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /server-status HTTP/1.1" 396
[05/Dec/2022:19:50:13 +0100] 195.96.137.6 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 383
[05/Dec/2022:19:50:13 +0100] 195.96.137.6 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /readme.txt HTTP/1.1" 393
[05/Dec/2022:19:50:13 +0100] 195.96.137.6 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 383
[05/Dec/2022:19:50:13 +0100] 195.96.137.6 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /main.php HTTP/1.1" 391
[05/Dec/2022:19:50:14 +0100] 195.96.137.6 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /admin.shtml HTTP/1.1" 394
[05/Dec/2022:19:50:14 +0100] 195.96.137.6 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /home.pl HTTP/1.1" 390
[05/Dec/2022:19:50:14 +0100] 195.96.137.6 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /favicon.ico HTTP/1.1" 394
[05/Dec/2022:19:50:14 +0100] 195.96.137.6 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /admin.pl HTTP/1.1" 391
[05/Dec/2022:19:50:15 +0100] 195.96.137.6 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /menu.jsp HTTP/1.1" 391
[05/Dec/2022:19:50:15 +0100] 195.96.137.6 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /admin.jsp HTTP/1.1" 392
[05/Dec/2022:19:50:15 +0100] 195.96.137.6 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /start.shtml HTTP/1.1" 394
[05/Dec/2022:19:50:16 +0100] 195.96.137.6 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /home.aspx HTTP/1.1" 392
[05/Dec/2022:19:50:16 +0100] 195.96.137.6 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /default.aspx HTTP/1.1" 395
[05/Dec/2022:19:50:16 +0100] 195.96.137.6 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /admin.jsa HTTP/1.1" 392
[05/Dec/2022:19:50:17 +0100] 195.96.137.6 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /admin.jhtml HTTP/1.1" 394
[05/Dec/2022:19:50:17 +0100] 195.96.137.6 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /home.asp HTTP/1.1" 391
[05/Dec/2022:19:50:17 +0100] 195.96.137.6 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /default.jsp HTTP/1.1" 394
[05/Dec/2022:19:50:17 +0100] 195.96.137.6 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /robots.txt HTTP/1.1" 393
[05/Dec/2022:19:50:18 +0100] 195.96.137.6 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /base.asp HTTP/1.1" 391
[05/Dec/2022:19:50:18 +0100] 195.96.137.6 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /localstart.jsa HTTP/1.1" 397
[05/Dec/2022:19:50:18 +0100] 195.96.137.6 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /admin.cgi HTTP/1.1" 392
[05/Dec/2022:19:50:19 +0100] 195.96.137.6 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /inicio.cfm HTTP/1.1" 393
[05/Dec/2022:19:50:19 +0100] 195.96.137.6 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /menu.asp HTTP/1.1" 391
[05/Dec/2022:19:50:19 +0100] 195.96.137.6 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /admin.cfm HTTP/1.1" 392
[05/Dec/2022:19:50:20 +0100] 195.96.137.6 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /start.cfm HTTP/1.1" 392
[05/Dec/2022:19:50:20 +0100] 195.96.137.6 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /indice.php HTTP/1.1" 393
[05/Dec/2022:19:50:20 +0100] 195.96.137.6 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /default.jsa HTTP/1.1" 394
[05/Dec/2022:19:50:20 +0100] 195.96.137.6 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /admin.asp HTTP/1.1" 392
[05/Dec/2022:19:50:21 +0100] 195.96.137.6 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /localstart.shtml HTTP/1.1" 399
[05/Dec/2022:19:50:21 +0100] 195.96.137.6 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /home.jsp HTTP/1.1" 391
[05/Dec/2022:19:50:21 +0100] 195.96.137.6 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /indice.jhtml HTTP/1.1" 395
[05/Dec/2022:19:50:22 +0100] 195.96.137.6 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /start.cgi HTTP/1.1" 392
[05/Dec/2022:19:50:22 +0100] 195.96.137.6 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /base.php HTTP/1.1" 391
[05/Dec/2022:19:50:22 +0100] 195.96.137.6 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /inicio.jsp HTTP/1.1" 393
[05/Dec/2022:19:50:43 +0100] 195.96.137.6 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.0" 388
[05/Dec/2022:19:58:56 +0100] 194.110.203.38 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /db/klub.bck.sql HTTP/1.1" 401
[05/Dec/2022:20:03:50 +0100] 167.94.146.58 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 383
[05/Dec/2022:20:03:50 +0100] 167.94.146.58 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[05/Dec/2022:20:03:50 +0100] 167.94.146.58 TLSv1.2 AES256-SHA "PRI * HTTP/2.0" 379
[05/Dec/2022:20:19:22 +0100] 152.89.196.211 TLSv1.2 AES256-SHA "GET /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1" 331
[05/Dec/2022:20:49:39 +0100] 152.89.196.211 TLSv1.2 AES256-SHA "GET /?XDEBUG_SESSION_START=phpstorm HTTP/1.1" 327
[05/Dec/2022:21:13:40 +0100] 205.210.31.183 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 386
[05/Dec/2022:21:48:19 +0100] 152.89.196.211 TLSv1.2 AES256-SHA "POST /Autodiscover/Autodiscover.xml HTTP/1.1" 315
[05/Dec/2022:22:06:19 +0100] 106.75.178.169 TLSv1.2 AES256-SHA "{\"method\":\"login\",\"params\":{\"login\":\"45JymPWP1DeQxxMZNJv9w2bTQ2WJDAmw18wUSryDQa3RPrympJPoUSVcFEDv3bhiMJGWaCD4a3KrFCorJHCMqXJUKApSKDV\",\"pass\":\"xxoo\",\"agent\":\"xmr-stak-cpu/1.3.0-1.5.0\"},\"id\":1}" 379
[05/Dec/2022:22:06:20 +0100] 106.75.178.169 TLSv1.2 AES256-SHA "{\"id\":1,\"method\":\"mining.subscribe\",\"params\":[]}" 379
[05/Dec/2022:22:06:21 +0100] 106.75.178.169 TLSv1.2 AES256-SHA "{\"params\": [\"miner1\", \"password\"], \"id\": 2, \"method\": \"mining.authorize\"}" 379
[05/Dec/2022:22:06:23 +0100] 106.75.178.169 TLSv1.2 AES256-SHA "{\"id\":1,\"jsonrpc\":\"2.0\",\"method\":\"login\",\"params\":{\"login\":\"blue1\",\"pass\":\"x\",\"agent\":\"Windows NT 6.1; Win64; x64\"}}" 379
[05/Dec/2022:22:06:24 +0100] 106.75.178.169 TLSv1.2 AES256-SHA "{\"params\": [\"miner1\", \"bf\", \"00000001\", \"504e86ed\", \"b2957c02\"], \"id\": 4, \"method\": \"mining.submit\"}" 379
[05/Dec/2022:22:06:25 +0100] 106.75.178.169 TLSv1.2 AES256-SHA "{\"id\":1,\"jsonrpc\":\"2.0\",\"method\":\"login\",\"params\":{\"login\":\"x\",\"pass\":\"null\",\"agent\":\"XMRig/5.13.1\",\"algo\":[\"cn/1\",\"cn/2\",\"cn/r\",\"cn/fast\",\"cn/half\",\"cn/xao\",\"cn/rto\",\"cn/rwz\",\"cn/zls\",\"cn/double\",\"rx/0\",\"rx/wow\",\"rx/loki\",\"rx/arq\",\"rx/sfx\",\"rx/keva\"]}}" 379
[05/Dec/2022:22:12:00 +0100] 35.88.60.67 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 307
[05/Dec/2022:22:57:31 +0100] 72.251.235.148 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /admin/modules/fw_ari/htdocs_ari/index.php HTTP/1.0" 418
[05/Dec/2022:23:07:23 +0100] 152.89.196.211 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[05/Dec/2022:23:26:09 +0100] 152.89.196.211 TLSv1.2 AES256-SHA "POST /cgi-bin/.%2e/.%2e/.%2e/.%2e/bin/sh HTTP/1.1" 293
[06/Dec/2022:00:21:25 +0100] 192.241.212.203 TLSv1.2 AES256-SHA "GET /version HTTP/1.1" 305
[06/Dec/2022:00:22:39 +0100] 87.236.176.5 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[06/Dec/2022:00:22:41 +0100] 34.76.96.55 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 301
[06/Dec/2022:00:35:41 +0100] 198.12.252.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /db/1.sql HTTP/1.1" 385