104.131.128.22 - - [13/Jan/2023:01:10:27 +0100] "GET /actuator/health HTTP/1.1" 301 310 "-" "Mozilla/5.0 zgrab/0.x" 109.237.98.226 - - [13/Jan/2023:01:14:14 +0100] "GET /.env HTTP/1.1" 301 304 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" 109.237.98.226 - - [13/Jan/2023:01:14:14 +0100] "POST /.env HTTP/1.1" 301 304 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" 109.237.98.226 - - [13/Jan/2023:01:14:15 +0100] "GET /.aws/credentials HTTP/1.1" 301 311 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" 109.237.98.226 - - [13/Jan/2023:01:14:15 +0100] "POST /.aws/credentials HTTP/1.1" 301 311 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" 109.237.98.226 - - [13/Jan/2023:01:14:16 +0100] "GET /.aws/config HTTP/1.1" 301 310 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" 109.237.98.226 - - [13/Jan/2023:01:14:16 +0100] "POST /.aws/config HTTP/1.1" 301 310 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" 109.237.98.226 - - [13/Jan/2023:01:14:17 +0100] "GET /aws/credentials HTTP/1.1" 301 310 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" 109.237.98.226 - - [13/Jan/2023:01:14:17 +0100] "POST /aws/credentials HTTP/1.1" 301 310 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" 109.237.98.226 - - [13/Jan/2023:01:14:17 +0100] "GET /credentials HTTP/1.1" 301 308 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" 109.237.98.226 - - [13/Jan/2023:01:14:18 +0100] "POST /credentials HTTP/1.1" 301 308 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" 109.237.98.226 - - [13/Jan/2023:01:14:19 +0100] "GET /test.php HTTP/1.1" 301 306 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" 109.237.98.226 - - [13/Jan/2023:01:14:19 +0100] "POST /test.php HTTP/1.1" 301 306 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" 109.237.98.226 - - [13/Jan/2023:01:14:19 +0100] "GET /laravel/.env HTTP/1.1" 301 309 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" 109.237.98.226 - - [13/Jan/2023:01:14:20 +0100] "POST /laravel/.env HTTP/1.1" 301 309 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" 109.237.98.226 - - [13/Jan/2023:01:14:20 +0100] "GET /demo/.env HTTP/1.1" 301 307 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" 109.237.98.226 - - [13/Jan/2023:01:14:21 +0100] "POST /demo/.env HTTP/1.1" 301 307 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" 109.237.98.226 - - [13/Jan/2023:01:14:21 +0100] "GET /web/.env HTTP/1.1" 301 307 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" 109.237.98.226 - - [13/Jan/2023:01:14:22 +0100] "POST /web/.env HTTP/1.1" 301 307 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" 109.237.98.226 - - [13/Jan/2023:01:14:22 +0100] "GET /phpinfo HTTP/1.1" 301 307 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" 109.237.98.226 - - [13/Jan/2023:01:14:23 +0100] "POST /phpinfo HTTP/1.1" 301 307 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" 18.236.62.2 - - [13/Jan/2023:01:25:16 +0100] "GET / HTTP/1.1" 301 295 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36" 54.201.102.116 - - [13/Jan/2023:01:25:31 +0100] "GET /favicon.ico HTTP/1.1" 301 302 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36" 54.201.102.116 - - [13/Jan/2023:01:25:35 +0100] "GET / HTTP/1.1" 301 295 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36" 68.219.120.208 - - [13/Jan/2023:02:24:49 +0100] "GET /.git/config HTTP/1.1" 301 310 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0" 194.110.203.46 - - [13/Jan/2023:02:29:21 +0100] "GET /database/dbdump.zip HTTP/1.1" 301 413 "-" "Firefox" 194.110.203.41 - - [13/Jan/2023:02:51:45 +0100] "GET /database/dbdump.zip HTTP/1.1" 301 405 "-" "Firefox" 205.210.31.143 - - [13/Jan/2023:03:12:22 +0100] "GET / HTTP/1.1" 301 394 "-" "Expanse, a Palo Alto Networks company, searches across the global IPv4 space multiple times per day to identify customers' presences on the Internet. If you would like to be excluded from our scans, please send IP addresses/domains to: scaninfo@paloaltonetworks.com" 176.58.124.134 - - [13/Jan/2023:03:22:50 +0100] "GET / HTTP/1.1" 400 379 "-" "-" 45.33.102.90 - - [13/Jan/2023:04:43:42 +0100] "GET / HTTP/1.1" 301 301 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36" 128.14.141.34 - - [13/Jan/2023:05:35:30 +0100] "GET / HTTP/1.1" 301 301 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36" 193.106.29.122 - - [13/Jan/2023:06:37:18 +0100] "GET / HTTP/1.0" 301 388 "-" "Mozilla/5.0" 198.199.106.214 - - [13/Jan/2023:06:46:17 +0100] "GET / HTTP/1.1" 301 301 "-" "Mozilla/5.0 zgrab/0.x" 152.89.196.211 - - [13/Jan/2023:07:03:21 +0100] "GET /?XDEBUG_SESSION_START=phpstorm HTTP/1.1" 301 327 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" 193.118.53.210 - - [13/Jan/2023:07:17:34 +0100] "GET / HTTP/1.1" 301 301 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36" 193.118.53.210 - - [13/Jan/2023:07:17:40 +0100] "GET /showLogin.cc HTTP/1.1" 301 311 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36" 185.180.143.71 - - [13/Jan/2023:08:02:30 +0100] "GET / HTTP/1.1" 301 301 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36" 194.110.203.44 - - [13/Jan/2023:08:18:15 +0100] "GET /database/localhostdb.zip HTTP/1.1" 301 401 "-" "Firefox" 152.89.196.211 - - [13/Jan/2023:08:44:25 +0100] "GET / HTTP/1.1" 301 301 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" 4.184.57.28 - - [13/Jan/2023:09:14:21 +0100] "GET / HTTP/1.1" 301 301 "-" "Python/3.10 aiohttp/3.8.3" 205.210.31.3 - - [13/Jan/2023:09:22:07 +0100] "GET / HTTP/1.1" 301 380 "-" "Expanse, a Palo Alto Networks company, searches across the global IPv4 space multiple times per day to identify customers' presences on the Internet. If you would like to be excluded from our scans, please send IP addresses/domains to: scaninfo@paloaltonetworks.com" 183.136.225.32 - - [13/Jan/2023:10:31:10 +0100] "GET / HTTP/1.1" 301 383 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.11; rv:47.0) Gecko/20100101 Firefox/47.0" 183.136.225.32 - - [13/Jan/2023:10:36:57 +0100] "GET / HTTP/1.1" 301 301 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36 QIHU 360SE" 183.136.225.32 - - [13/Jan/2023:10:37:24 +0100] "GET /favicon.ico HTTP/1.1" 301 309 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36 QIHU 360SE" 183.136.225.32 - - [13/Jan/2023:10:37:50 +0100] "GET /robots.txt HTTP/1.1" 301 308 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36 QIHU 360SE" 20.120.217.166 - - [13/Jan/2023:12:08:51 +0100] "GET /.git/config HTTP/1.1" 301 310 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0" 92.118.36.206 - - [13/Jan/2023:13:31:26 +0100] "GET / HTTP/1.1" 301 301 "-" "Mozilla/5.0 (Linux; Android 11; Pixel 4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Mobile Safari/537.36" 194.110.203.46 - - [13/Jan/2023:13:36:44 +0100] "GET /database/localhost-db.zip HTTP/1.1" 301 402 "-" "Firefox" 109.237.98.53 - - [13/Jan/2023:14:22:22 +0100] "GET /.env HTTP/1.1" 301 310 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" 109.237.98.53 - - [13/Jan/2023:14:22:22 +0100] "POST /.env HTTP/1.1" 301 310 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" 109.237.98.53 - - [13/Jan/2023:14:22:23 +0100] "GET /.aws/credentials HTTP/1.1" 301 317 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" 109.237.98.53 - - [13/Jan/2023:14:22:24 +0100] "POST /.aws/credentials HTTP/1.1" 301 317 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" 109.237.98.53 - - [13/Jan/2023:14:22:24 +0100] "GET /.aws/config HTTP/1.1" 301 315 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" 109.237.98.53 - - [13/Jan/2023:14:22:25 +0100] "POST /.aws/config HTTP/1.1" 301 315 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" 109.237.98.53 - - [13/Jan/2023:14:22:25 +0100] "GET /aws/credentials HTTP/1.1" 301 316 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" 109.237.98.53 - - [13/Jan/2023:14:22:26 +0100] "POST /aws/credentials HTTP/1.1" 301 316 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" 109.237.98.53 - - [13/Jan/2023:14:22:27 +0100] "GET /credentials HTTP/1.1" 301 314 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" 109.237.98.53 - - [13/Jan/2023:14:22:27 +0100] "POST /credentials HTTP/1.1" 301 314 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" 109.237.98.53 - - [13/Jan/2023:14:22:28 +0100] "GET /test.php HTTP/1.1" 301 312 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" 109.237.98.53 - - [13/Jan/2023:14:22:29 +0100] "POST /test.php HTTP/1.1" 301 312 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" 109.237.98.53 - - [13/Jan/2023:14:22:29 +0100] "GET /laravel/.env HTTP/1.1" 301 315 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" 109.237.98.53 - - [13/Jan/2023:14:22:30 +0100] "POST /laravel/.env HTTP/1.1" 301 315 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" 109.237.98.53 - - [13/Jan/2023:14:22:30 +0100] "GET /demo/.env HTTP/1.1" 301 313 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" 109.237.98.53 - - [13/Jan/2023:14:22:31 +0100] "POST /demo/.env HTTP/1.1" 301 313 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" 109.237.98.53 - - [13/Jan/2023:14:22:31 +0100] "GET /web/.env HTTP/1.1" 301 312 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" 109.237.98.53 - - [13/Jan/2023:14:22:32 +0100] "POST /web/.env HTTP/1.1" 301 312 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" 109.237.98.53 - - [13/Jan/2023:14:22:33 +0100] "GET /phpinfo HTTP/1.1" 301 312 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" 109.237.98.53 - - [13/Jan/2023:14:22:33 +0100] "POST /phpinfo HTTP/1.1" 301 312 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" 138.68.165.181 - - [13/Jan/2023:15:02:26 +0100] "POST / HTTP/1.1" 301 301 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.95 Safari/537.36" 138.68.165.181 - - [13/Jan/2023:15:02:30 +0100] "GET /.env HTTP/1.1" 301 304 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.95 Safari/537.36" 138.68.165.181 - - [13/Jan/2023:15:02:34 +0100] "GET /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1" 301 331 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.95 Safari/537.36" 208.100.26.235 - - [13/Jan/2023:15:23:24 +0100] "HEAD /core/misc/drupal.js HTTP/1.1" 301 - "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.92 Safari/537.36" 205.210.31.55 - - [13/Jan/2023:15:39:55 +0100] "GET / HTTP/1.1" 301 385 "-" "Expanse, a Palo Alto Networks company, searches across the global IPv4 space multiple times per day to identify customers' presences on the Internet. If you would like to be excluded from our scans, please send IP addresses/domains to: scaninfo@paloaltonetworks.com" 159.203.192.9 - - [13/Jan/2023:15:40:18 +0100] "GET /autodiscover/autodiscover.json?@zdi/Powershell HTTP/1.1" 301 328 "-" "Mozilla/5.0 zgrab/0.x" 194.110.203.47 - - [13/Jan/2023:15:55:19 +0100] "GET /database/localhost_database.zip HTTP/1.1" 301 425 "-" "Firefox" 178.79.182.14 - - [13/Jan/2023:15:58:29 +0100] "GET / HTTP/1.1" 301 301 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:8.0) Gecko/20100101 Firefox/8.0" 198.235.24.22 - - [13/Jan/2023:16:18:47 +0100] "GET / HTTP/1.1" 301 398 "-" "Expanse, a Palo Alto Networks company, searches across the global IPv4 space multiple times per day to identify customers' presences on the Internet. If you would like to be excluded from our scans, please send IP addresses/domains to: scaninfo@paloaltonetworks.com" 74.82.47.4 - - [13/Jan/2023:16:26:30 +0100] "GET / HTTP/1.1" 301 301 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.126 Safari/537.36" 74.82.47.4 - - [13/Jan/2023:16:36:44 +0100] "GET /favicon.ico HTTP/1.1" 301 309 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36" 74.82.47.4 - - [13/Jan/2023:16:41:08 +0100] "GET / HTTP/1.1" 301 301 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/15.6.1 Safari/605.1.15" 74.82.47.4 - - [13/Jan/2023:16:42:33 +0100] "GET /.git/config HTTP/1.1" 301 310 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36" 198.235.24.142 - - [13/Jan/2023:17:17:17 +0100] "GET / HTTP/1.1" 301 383 "-" "Expanse, a Palo Alto Networks company, searches across the global IPv4 space multiple times per day to identify customers' presences on the Internet. If you would like to be excluded from our scans, please send IP addresses/domains to: scaninfo@paloaltonetworks.com" 139.162.238.243 - - [13/Jan/2023:18:00:49 +0100] "GET / HTTP/1.1" 301 301 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36" 194.110.203.38 - - [13/Jan/2023:18:17:55 +0100] "GET /database/localhost-database.zip HTTP/1.1" 301 425 "-" "Firefox" 138.246.253.24 - - [13/Jan/2023:19:02:17 +0100] "GET /robots.txt HTTP/1.1" 301 403 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36" 192.241.215.17 - - [13/Jan/2023:19:19:16 +0100] "GET /owa/auth/logon.aspx?url=https%3a%2f%2f1%2fecp%2f HTTP/1.1" 301 335 "-" "Mozilla/5.0 zgrab/0.x" 194.110.203.45 - - [13/Jan/2023:20:01:15 +0100] "GET /database/klub.kornland.atdb.zip HTTP/1.1" 301 417 "-" "Firefox" 194.110.203.42 - - [13/Jan/2023:20:09:36 +0100] "GET /database/harm.atdb.zip HTTP/1.1" 301 399 "-" "Firefox" 167.94.138.62 - - [13/Jan/2023:20:10:38 +0100] "GET / HTTP/1.1" 301 383 "-" "-" 167.94.138.62 - - [13/Jan/2023:20:10:38 +0100] "GET / HTTP/1.1" 301 301 "-" "Mozilla/5.0 (compatible; CensysInspect/1.1; +https://about.censys.io/)" 167.94.138.62 - - [13/Jan/2023:20:10:39 +0100] "PRI * HTTP/2.0" 400 379 "-" "-" 198.235.24.46 - - [13/Jan/2023:20:52:39 +0100] "GET / HTTP/1.1" 301 377 "-" "Expanse, a Palo Alto Networks company, searches across the global IPv4 space multiple times per day to identify customers' presences on the Internet. If you would like to be excluded from our scans, please send IP addresses/domains to: scaninfo@paloaltonetworks.com" 138.246.253.24 - - [13/Jan/2023:21:15:44 +0100] "GET /robots.txt HTTP/1.1" 301 404 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36" 161.35.90.171 - - [13/Jan/2023:21:32:25 +0100] "GET /login.php HTTP/1.1" 301 308 "-" "'Mozilla/5.0'" 45.14.226.53 - - [13/Jan/2023:22:01:42 +0100] "{\"id\": 1, \"method\": \"mining.subscribe\", \"params\": [\"cpuminer/2.5.1\"]}" 400 379 "-" "-" 45.14.226.53 - - [13/Jan/2023:22:01:49 +0100] "{\"id\": 1, \"method\": \"mining.subscribe\", \"params\": [\"MinerName/1.0.0\", \"EthereumStratum/1.0.0\"]}" 400 379 "-" "-" 45.14.226.53 - - [13/Jan/2023:22:01:52 +0100] "{\"id\":1,\"method\":\"eth_submitLogin\",\"worker\":\"eth1.0\",\"params\":[\"0x72aa40094d3ef2671063272fcd8124b687946c7b\",\"x\"],\"jsonrpc\":\"2.0\"}" 400 379 "-" "-" 45.14.226.53 - - [13/Jan/2023:22:01:56 +0100] "{\"id\":1,\"jsonrpc\":\"2.0\",\"method\":\"login\",\"params\":{\"login\":\"49ugAbU7N7zbRNRwnYaCbLRvKfECy892Q4hRKh9kMXLcePjTWdp4Kjg1nHh1GidoD7ZRDfL3bbRwK8ySNt9ygnqNCcrRujW\",\"pass\":\"x\",\"agent\":\"XMRig/6.15.3 (Windows NT 10.0; Win64; x64) libuv/1.42.0 msvc/2019\",\"algo\":[\"cn/1\",\"cn/2\",\"cn/r\",\"cn/fast\",\"cn/half\",\"cn/xao\",\"cn/rto\",\"cn/rwz\",\"cn/zls\",\"cn/double\",\"cn/ccx\",\"cn-lite/1\",\"cn-heavy/0\",\"cn-heavy/tube\",\"cn-heavy/xhv\",\"cn-pico\",\"cn-pico/tlo\",\"cn/upx2\",\"rx/0\",\"rx/wow\",\"rx/arq\",\"rx/graft\",\"rx/sfx\",\"rx/keva\",\"argon2/chukwa\",\"argon2/chukwav2\",\"argon2/ninja\",\"astrobwt\"]}}" 400 379 "-" "-" 45.14.226.53 - - [13/Jan/2023:22:02:02 +0100] "GET / HTTP/1.1" 301 301 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36" 45.14.226.53 - - [13/Jan/2023:22:02:08 +0100] "POST / HTTP/1.1" 301 301 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36" 45.14.226.53 - - [13/Jan/2023:22:02:14 +0100] "POST / HTTP/1.1" 301 301 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36" 45.14.226.53 - - [13/Jan/2023:22:02:22 +0100] "GET /WuEL HTTP/1.1" 301 387 "-" "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0; ; NCLIENT50_AAPCDA5841E333)" 45.14.226.53 - - [13/Jan/2023:22:02:28 +0100] "GET stager64 HTTP/1.1" 400 293 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36" 45.14.226.53 - - [13/Jan/2023:22:02:32 +0100] "GET /a HTTP/1.1" 301 302 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36" 45.14.226.53 - - [13/Jan/2023:22:02:35 +0100] "GET /download/file.ext HTTP/1.1" 301 313 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36" 45.14.226.53 - - [13/Jan/2023:22:02:37 +0100] "GET /SiteLoader HTTP/1.1" 301 307 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36" 45.14.226.53 - - [13/Jan/2023:22:02:49 +0100] "GET /mPlayer HTTP/1.1" 301 306 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36" 35.87.7.128 - - [13/Jan/2023:22:22:31 +0100] "GET / HTTP/1.1" 301 307 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36" 34.221.78.171 - - [13/Jan/2023:22:23:10 +0100] "GET / HTTP/1.1" 301 307 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36" 54.187.163.132 - - [13/Jan/2023:22:23:48 +0100] "GET /favicon.ico HTTP/1.1" 301 314 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36" 35.86.156.6 - - [13/Jan/2023:22:23:58 +0100] "GET /favicon.ico HTTP/1.1" 301 314 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36" 34.220.156.5 - - [13/Jan/2023:22:24:07 +0100] "GET /favicon.ico HTTP/1.1" 301 314 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36" 183.136.225.32 - - [13/Jan/2023:22:35:20 +0100] "GET / HTTP/1.1" 301 383 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.11; rv:47.0) Gecko/20100101 Firefox/47.0" 183.136.225.32 - - [13/Jan/2023:22:40:22 +0100] "GET / HTTP/1.1" 301 301 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36 QIHU 360SE" 183.136.225.32 - - [13/Jan/2023:22:40:45 +0100] "GET /favicon.ico HTTP/1.1" 301 309 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36 QIHU 360SE" 183.136.225.32 - - [13/Jan/2023:22:41:12 +0100] "GET /robots.txt HTTP/1.1" 301 308 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36 QIHU 360SE" 198.235.24.15 - - [13/Jan/2023:22:53:34 +0100] "GET / HTTP/1.1" 301 377 "-" "Expanse, a Palo Alto Networks company, searches across the global IPv4 space multiple times per day to identify customers' presences on the Internet. If you would like to be excluded from our scans, please send IP addresses/domains to: scaninfo@paloaltonetworks.com" 103.149.192.110 - - [13/Jan/2023:23:04:48 +0100] "GET / HTTP/1.1" 301 301 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36" 198.235.24.5 - - [13/Jan/2023:23:41:47 +0100] "GET / HTTP/1.1" 301 381 "-" "Expanse, a Palo Alto Networks company, searches across the global IPv4 space multiple times per day to identify customers' presences on the Internet. If you would like to be excluded from our scans, please send IP addresses/domains to: scaninfo@paloaltonetworks.com" 128.14.141.34 - - [14/Jan/2023:00:00:14 +0100] "GET / HTTP/1.1" 301 301 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36" 194.110.203.44 - - [14/Jan/2023:00:13:11 +0100] "GET /database/easyzumfuehrerschein.com-db.zip HTTP/1.1" 301 434 "-" "Firefox" 34.77.127.183 - - [14/Jan/2023:00:16:13 +0100] "GET / HTTP/1.1" 301 301 "-" "python-requests/2.28.1" 185.180.143.6 - - [14/Jan/2023:00:22:24 +0100] "GET / HTTP/1.1" 301 301 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36" 109.237.98.226 - - [14/Jan/2023:00:41:50 +0100] "GET /.env HTTP/1.1" 301 304 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" 109.237.98.226 - - [14/Jan/2023:00:41:51 +0100] "POST /.env HTTP/1.1" 301 304 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" 109.237.98.226 - - [14/Jan/2023:00:41:53 +0100] "GET /.aws/credentials HTTP/1.1" 301 311 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" 109.237.98.226 - - [14/Jan/2023:00:41:54 +0100] "POST /.aws/credentials HTTP/1.1" 301 311 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" 109.237.98.226 - - [14/Jan/2023:00:41:55 +0100] "GET /.aws/config HTTP/1.1" 301 310 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" 109.237.98.226 - - [14/Jan/2023:00:41:56 +0100] "POST /.aws/config HTTP/1.1" 301 310 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" 109.237.98.226 - - [14/Jan/2023:00:41:57 +0100] "GET /aws/credentials HTTP/1.1" 301 310 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" 109.237.98.226 - - [14/Jan/2023:00:41:57 +0100] "POST /aws/credentials HTTP/1.1" 301 310 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" 109.237.98.226 - - [14/Jan/2023:00:41:59 +0100] "GET /credentials HTTP/1.1" 301 308 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" 109.237.98.226 - - [14/Jan/2023:00:42:00 +0100] "POST /credentials HTTP/1.1" 301 308 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" 109.237.98.226 - - [14/Jan/2023:00:42:01 +0100] "GET /test.php HTTP/1.1" 301 306 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" 109.237.98.226 - - [14/Jan/2023:00:42:02 +0100] "POST /test.php HTTP/1.1" 301 306 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" 109.237.98.226 - - [14/Jan/2023:00:42:03 +0100] "GET /laravel/.env HTTP/1.1" 301 309 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" 109.237.98.226 - - [14/Jan/2023:00:42:04 +0100] "POST /laravel/.env HTTP/1.1" 301 309 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" 109.237.98.226 - - [14/Jan/2023:00:42:05 +0100] "GET /demo/.env HTTP/1.1" 301 307 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" 109.237.98.226 - - [14/Jan/2023:00:42:06 +0100] "POST /demo/.env HTTP/1.1" 301 307 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" 109.237.98.226 - - [14/Jan/2023:00:42:07 +0100] "GET /web/.env HTTP/1.1" 301 307 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" 109.237.98.226 - - [14/Jan/2023:00:42:08 +0100] "POST /web/.env HTTP/1.1" 301 307 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" 109.237.98.226 - - [14/Jan/2023:00:42:09 +0100] "GET /phpinfo HTTP/1.1" 301 307 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" 109.237.98.226 - - [14/Jan/2023:00:42:10 +0100] "POST /phpinfo HTTP/1.1" 301 307 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36"