[24/Nov/2022:01:58:48 +0100] 194.110.203.47 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /easyzumfuehrerschein_db.tar HTTP/1.1" 421
[24/Nov/2022:01:59:05 +0100] 54.213.246.125 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 295
[24/Nov/2022:01:59:29 +0100] 34.220.104.62 TLSv1.2 AES256-SHA "GET /favicon.ico HTTP/1.1" 302
[24/Nov/2022:01:59:32 +0100] 34.220.104.62 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 295
[24/Nov/2022:02:05:48 +0100] 198.12.252.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /klub_db.tar HTTP/1.1" 397
[24/Nov/2022:02:12:57 +0100] 194.110.203.39 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /harm_db.tar HTTP/1.1" 388
[24/Nov/2022:04:05:14 +0100] 192.241.212.71 TLSv1.2 AES256-SHA "GET /owa/auth/logon.aspx HTTP/1.1" 314
[24/Nov/2022:04:12:52 +0100] 192.241.203.37 TLSv1.2 AES256-SHA "GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.exporttool.application HTTP/1.1" 348
[24/Nov/2022:04:13:17 +0100] 192.241.210.196 TLSv1.2 AES256-SHA "GET /owa/auth/x.js HTTP/1.1" 310
[24/Nov/2022:04:13:57 +0100] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.env HTTP/1.1" 304
[24/Nov/2022:04:13:57 +0100] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /.env HTTP/1.1" 304
[24/Nov/2022:04:13:58 +0100] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.aws/credentials HTTP/1.1" 311
[24/Nov/2022:04:13:58 +0100] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /.aws/credentials HTTP/1.1" 311
[24/Nov/2022:04:13:59 +0100] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.aws/config HTTP/1.1" 310
[24/Nov/2022:04:13:59 +0100] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /.aws/config HTTP/1.1" 310
[24/Nov/2022:04:14:00 +0100] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /aws/credentials HTTP/1.1" 310
[24/Nov/2022:04:14:00 +0100] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /aws/credentials HTTP/1.1" 310
[24/Nov/2022:04:14:01 +0100] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /credentials HTTP/1.1" 308
[24/Nov/2022:04:14:01 +0100] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /credentials HTTP/1.1" 308
[24/Nov/2022:04:14:02 +0100] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /test.php HTTP/1.1" 306
[24/Nov/2022:04:14:02 +0100] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /test.php HTTP/1.1" 306
[24/Nov/2022:04:14:02 +0100] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /laravel/.env HTTP/1.1" 309
[24/Nov/2022:04:14:03 +0100] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /laravel/.env HTTP/1.1" 309
[24/Nov/2022:04:14:04 +0100] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /demo/.env HTTP/1.1" 307
[24/Nov/2022:04:14:05 +0100] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /demo/.env HTTP/1.1" 307
[24/Nov/2022:04:14:05 +0100] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /web/.env HTTP/1.1" 307
[24/Nov/2022:04:14:06 +0100] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /web/.env HTTP/1.1" 307
[24/Nov/2022:04:14:06 +0100] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /phpinfo HTTP/1.1" 307
[24/Nov/2022:04:14:07 +0100] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /phpinfo HTTP/1.1" 307
[24/Nov/2022:05:01:04 +0100] 87.236.176.221 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[24/Nov/2022:05:02:38 +0100] 106.75.223.209 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 383
[24/Nov/2022:05:10:38 +0100] 192.241.205.24 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[24/Nov/2022:05:14:09 +0100] 185.180.143.79 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[24/Nov/2022:05:28:29 +0100] 2.57.122.86 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[24/Nov/2022:05:28:29 +0100] 2.57.122.86 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 295
[24/Nov/2022:05:28:29 +0100] 2.57.122.86 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[24/Nov/2022:05:28:29 +0100] 2.57.122.86 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 307
[24/Nov/2022:05:28:30 +0100] 2.57.122.86 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 297
[24/Nov/2022:05:30:01 +0100] 83.136.32.58 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "HEAD / HTTP/1.0" -
[24/Nov/2022:06:06:18 +0100] 194.110.203.39 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /klub_database.tar HTTP/1.1" 403
[24/Nov/2022:07:41:13 +0100] 152.89.196.211 TLSv1.2 AES256-SHA "GET /?XDEBUG_SESSION_START=phpstorm HTTP/1.1" 327
[24/Nov/2022:07:51:19 +0100] 194.110.203.44 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /easyzumfuehrerschein_database.tar HTTP/1.1" 427
[24/Nov/2022:07:52:14 +0100] 192.241.209.234 TLSv1.2 AES256-SHA "GET /owa/auth/logon.aspx?url=https%3a%2f%2f1%2fecp%2f HTTP/1.1" 335
[24/Nov/2022:08:02:22 +0100] 194.110.203.39 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /harm-database.tar HTTP/1.1" 394
[24/Nov/2022:08:02:44 +0100] 194.110.203.40 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /klub-database.tar HTTP/1.1" 403
[24/Nov/2022:08:48:24 +0100] 192.241.193.148 TLSv1.2 AES256-SHA "GET /actuator/health HTTP/1.1" 310
[24/Nov/2022:09:30:40 +0100] 194.110.203.46 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /easyzumfuehrerschein-database.tar HTTP/1.1" 427
[24/Nov/2022:09:41:02 +0100] 194.110.203.46 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /harm_dump.tar HTTP/1.1" 390
[24/Nov/2022:10:01:56 +0100] 152.89.196.211 TLSv1.2 AES256-SHA "GET /actuator/gateway/routes HTTP/1.1" 315
[24/Nov/2022:10:02:22 +0100] 64.62.197.188 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[24/Nov/2022:10:07:29 +0100] 194.110.203.45 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /easyzumfuehrerschein_dump.tar HTTP/1.1" 423
[24/Nov/2022:10:12:26 +0100] 64.62.197.189 TLSv1.2 AES256-SHA "GET /favicon.ico HTTP/1.1" 309
[24/Nov/2022:10:16:44 +0100] 64.62.197.184 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[24/Nov/2022:10:17:48 +0100] 64.62.197.196 TLSv1.2 AES256-SHA "GET /.git/config HTTP/1.1" 310
[24/Nov/2022:11:02:52 +0100] 194.110.203.38 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /klub_dump.tar HTTP/1.1" 399
[24/Nov/2022:11:35:52 +0100] 159.223.234.110 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[24/Nov/2022:12:01:34 +0100] 161.35.98.147 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.git/config HTTP/1.1" 310
[24/Nov/2022:12:26:59 +0100] 185.252.178.103 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /cpanel HTTP/1.1" 299
[24/Nov/2022:12:47:39 +0100] 198.20.87.98 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 383
[24/Nov/2022:12:47:51 +0100] 198.20.87.98 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "" 379
[24/Nov/2022:12:47:52 +0100] 198.20.87.98 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "" 379
[24/Nov/2022:12:47:53 +0100] 198.20.87.98 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "" 379
[24/Nov/2022:12:47:57 +0100] 198.20.87.98 TLSv1.2 AES256-SHA "quit" 379
[24/Nov/2022:12:48:01 +0100] 198.20.87.98 TLSv1.2 AES256-SHA "GET /robots.txt HTTP/1.1" 393
[24/Nov/2022:12:48:03 +0100] 198.20.87.98 TLSv1.2 AES256-SHA "GET /sitemap.xml HTTP/1.1" 394
[24/Nov/2022:12:48:04 +0100] 198.20.87.98 TLSv1.2 AES256-SHA "GET /.well-known/security.txt HTTP/1.1" 407
[24/Nov/2022:12:48:08 +0100] 198.20.87.98 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /favicon.ico HTTP/1.1" 309
[24/Nov/2022:12:48:10 +0100] 198.20.87.98 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "" 379
[24/Nov/2022:13:01:34 +0100] 43.128.225.197 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[24/Nov/2022:13:02:02 +0100] 43.128.225.197 - - "-" -
[24/Nov/2022:13:24:45 +0100] 194.110.203.42 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /easyzumfuehrerscheinbackup.tar HTTP/1.1" 424
[24/Nov/2022:14:09:13 +0100] 2.57.122.8 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 307
[24/Nov/2022:14:09:13 +0100] 2.57.122.8 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[24/Nov/2022:14:09:13 +0100] 2.57.122.8 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 295
[24/Nov/2022:14:09:13 +0100] 2.57.122.8 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[24/Nov/2022:14:09:14 +0100] 2.57.122.8 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 297
[24/Nov/2022:14:55:35 +0100] 103.10.62.92 TLSv1.2 AES256-SHA "GET /Electron/download/windows/%5CProgram%20Files%5C3CX%20Phone%20System%5CData%5CDB%5Cbase%5C16384%5C16393 HTTP/1.1" 369
[24/Nov/2022:15:07:08 +0100] 45.134.144.48 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET ///remote/fgt_lang?lang=/../../../..//////////dev/ HTTP/1.1" 325
[24/Nov/2022:15:10:36 +0100] 194.110.203.46 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /klub_backup.tar HTTP/1.1" 401
[24/Nov/2022:15:53:13 +0100] 194.110.203.41 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /easyzumfuehrerschein_backup.tar HTTP/1.1" 425
[24/Nov/2022:16:13:35 +0100] 161.35.98.147 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.git/config HTTP/1.1" 310
[24/Nov/2022:16:39:12 +0100] 93.159.230.88 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 304
[24/Nov/2022:16:49:24 +0100] 185.7.214.218 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /remote/fgt_lang?lang=/../../../..//////////dev/cmdb/sslvpn_websession HTTP/1.1" 452
[24/Nov/2022:17:19:06 +0100] 194.110.203.46 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /klub-backup.tar HTTP/1.1" 401
[24/Nov/2022:17:39:08 +0100] 93.159.230.88 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 304
[24/Nov/2022:17:49:08 +0100] 103.133.105.200 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.env HTTP/1.1" 304
[24/Nov/2022:17:49:11 +0100] 103.133.105.200 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST / HTTP/1.1" 301
[24/Nov/2022:18:10:36 +0100] 152.32.180.171 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 383
[24/Nov/2022:18:10:45 +0100] 152.32.180.171 TLSv1.2 AES256-SHA "GET /favicon.ico HTTP/1.1" 309
[24/Nov/2022:18:11:03 +0100] 152.32.180.171 TLSv1.2 AES256-SHA "GET /robots.txt HTTP/1.1" 308
[24/Nov/2022:18:11:23 +0100] 152.32.180.171 TLSv1.2 AES256-SHA "GET /sitemap.xml HTTP/1.1" 309
[24/Nov/2022:18:19:13 +0100] 194.110.203.60 TLSv1.2 AES256-SHA "POST /user/register?element_parents=account/mail/%23value&ajax_form=1&_wrapper_format=drupal_ajax HTTP/1.1" 373
[24/Nov/2022:18:37:47 +0100] 194.110.203.38 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /backupharm.tar HTTP/1.1" 391
[24/Nov/2022:18:39:18 +0100] 93.159.230.89 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 304
[24/Nov/2022:19:31:09 +0100] 183.136.225.32 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 383
[24/Nov/2022:19:32:07 +0100] 183.136.225.32 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[24/Nov/2022:19:33:13 +0100] 183.136.225.32 TLSv1.2 AES256-SHA "GET /robots.txt HTTP/1.1" 308
[24/Nov/2022:19:39:32 +0100] 93.159.230.89 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 304
[24/Nov/2022:19:58:57 +0100] 208.100.26.237 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 298
[24/Nov/2022:20:28:54 +0100] 35.216.130.245 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[24/Nov/2022:20:39:40 +0100] 77.74.177.119 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 304
[24/Nov/2022:21:04:41 +0100] 161.35.98.147 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.git/config HTTP/1.1" 310
[24/Nov/2022:21:32:05 +0100] 167.94.146.57 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 383
[24/Nov/2022:21:32:05 +0100] 167.94.146.57 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[24/Nov/2022:21:32:05 +0100] 167.94.146.57 TLSv1.2 AES256-SHA "PRI * HTTP/2.0" 379
[24/Nov/2022:21:39:49 +0100] 93.159.230.88 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 304
[24/Nov/2022:21:53:49 +0100] 161.35.98.147 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.git/config HTTP/1.1" 310
[24/Nov/2022:22:26:27 +0100] 194.110.203.39 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /backup_easyzumfuehrerschein.tar HTTP/1.1" 425
[24/Nov/2022:22:39:57 +0100] 77.74.177.119 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 304
[24/Nov/2022:22:41:07 +0100] 194.110.203.39 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /backup_harm.tar HTTP/1.1" 392
[24/Nov/2022:23:38:53 +0100] 192.241.205.41 TLSv1.2 AES256-SHA "GET /autodiscover/autodiscover.json?@zdi/Powershell HTTP/1.1" 328
[24/Nov/2022:23:39:57 +0100] 93.159.230.89 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 304
[25/Nov/2022:00:11:53 +0100] 52.24.76.70 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 306
[25/Nov/2022:00:11:59 +0100] 43.129.24.224 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /dns-query HTTP/1.1" 392
[25/Nov/2022:00:12:06 +0100] 52.24.76.70 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 306
[25/Nov/2022:00:12:42 +0100] 35.166.196.0 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 306
[25/Nov/2022:00:12:42 +0100] 35.166.196.0 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 306
[25/Nov/2022:00:15:05 +0100] 34.76.158.233 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 301
[25/Nov/2022:00:40:25 +0100] 77.74.177.119 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 304
[25/Nov/2022:00:45:29 +0100] 194.110.203.39 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /db.7z HTTP/1.1" 399
[25/Nov/2022:00:48:08 +0100] 194.110.203.39 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /db.7z HTTP/1.1" 382