[27/Nov/2022:01:59:05 +0100] 93.159.230.83 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 302
[27/Nov/2022:02:19:14 +0100] 212.102.36.10 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 299
[27/Nov/2022:02:19:15 +0100] 212.102.36.10 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 299
[27/Nov/2022:02:23:12 +0100] 184.105.139.119 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[27/Nov/2022:02:32:33 +0100] 87.236.176.66 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[27/Nov/2022:02:34:38 +0100] 184.105.139.103 TLSv1.2 AES256-SHA "GET /favicon.ico HTTP/1.1" 309
[27/Nov/2022:02:39:45 +0100] 184.105.139.123 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[27/Nov/2022:02:42:15 +0100] 184.105.139.115 TLSv1.2 AES256-SHA "GET /.git/config HTTP/1.1" 310
[27/Nov/2022:02:59:00 +0100] 93.159.230.88 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 302
[27/Nov/2022:03:05:46 +0100] 194.110.203.45 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /klub-dump.7z HTTP/1.1" 398
[27/Nov/2022:03:07:19 +0100] 194.110.203.45 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /easyzumfuehrerschein-dump.7z HTTP/1.1" 422
[27/Nov/2022:03:10:56 +0100] 185.81.68.191 - - "-" -
[27/Nov/2022:03:59:45 +0100] 93.159.230.87 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 302
[27/Nov/2022:04:01:37 +0100] 194.110.203.40 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /harm-dump.7z HTTP/1.1" 389
[27/Nov/2022:04:14:45 +0100] 103.149.192.117 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[27/Nov/2022:04:57:54 +0100] 194.110.203.44 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /easyzumfuehrerscheinbackup.7z HTTP/1.1" 423
[27/Nov/2022:05:05:58 +0100] 128.14.134.170 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[27/Nov/2022:05:17:58 +0100] 198.199.94.93 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[27/Nov/2022:06:14:08 +0100] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.env HTTP/1.1" 304
[27/Nov/2022:06:14:08 +0100] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /.env HTTP/1.1" 304
[27/Nov/2022:06:14:09 +0100] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.aws/credentials HTTP/1.1" 311
[27/Nov/2022:06:14:09 +0100] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /.aws/credentials HTTP/1.1" 311
[27/Nov/2022:06:14:10 +0100] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.aws/config HTTP/1.1" 310
[27/Nov/2022:06:14:10 +0100] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /.aws/config HTTP/1.1" 310
[27/Nov/2022:06:14:11 +0100] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /aws/credentials HTTP/1.1" 310
[27/Nov/2022:06:14:11 +0100] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /aws/credentials HTTP/1.1" 310
[27/Nov/2022:06:14:12 +0100] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /credentials HTTP/1.1" 308
[27/Nov/2022:06:14:12 +0100] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /credentials HTTP/1.1" 308
[27/Nov/2022:06:14:13 +0100] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /test.php HTTP/1.1" 306
[27/Nov/2022:06:14:13 +0100] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /test.php HTTP/1.1" 306
[27/Nov/2022:06:14:13 +0100] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /laravel/.env HTTP/1.1" 309
[27/Nov/2022:06:14:14 +0100] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /laravel/.env HTTP/1.1" 309
[27/Nov/2022:06:14:14 +0100] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /demo/.env HTTP/1.1" 307
[27/Nov/2022:06:14:15 +0100] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /demo/.env HTTP/1.1" 307
[27/Nov/2022:06:14:15 +0100] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /web/.env HTTP/1.1" 307
[27/Nov/2022:06:14:16 +0100] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /web/.env HTTP/1.1" 307
[27/Nov/2022:06:14:16 +0100] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /phpinfo HTTP/1.1" 307
[27/Nov/2022:06:14:17 +0100] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /phpinfo HTTP/1.1" 307
[27/Nov/2022:06:37:37 +0100] 152.89.196.211 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[27/Nov/2022:06:50:48 +0100] 194.110.203.46 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /klub_backup.7z HTTP/1.1" 400
[27/Nov/2022:06:54:46 +0100] 185.7.214.218 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /remote/fgt_lang?lang=/../../../..//////////dev/cmdb/sslvpn_websession HTTP/1.1" 452
[27/Nov/2022:06:59:11 +0100] 93.159.230.89 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 302
[27/Nov/2022:07:16:36 +0100] 194.110.203.40 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /harm_backup.7z HTTP/1.1" 391
[27/Nov/2022:07:25:40 +0100] 152.89.196.211 TLSv1.2 AES256-SHA "GET /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1" 331
[27/Nov/2022:07:57:29 +0100] 192.241.199.219 TLSv1.2 AES256-SHA "GET /owa/auth/logon.aspx?url=https%3a%2f%2f1%2fecp%2f HTTP/1.1" 335
[27/Nov/2022:07:59:34 +0100] 93.159.230.87 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 302
[27/Nov/2022:08:45:11 +0100] 152.89.196.211 TLSv1.2 AES256-SHA "POST /mifs/.;/services/LogService HTTP/1.1" 318
[27/Nov/2022:09:01:09 +0100] 93.159.230.87 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 302
[27/Nov/2022:09:06:50 +0100] 152.89.196.211 TLSv1.2 AES256-SHA "GET /console/ HTTP/1.1" 307
[27/Nov/2022:09:13:38 +0100] 194.110.203.38 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /harm-backup.7z HTTP/1.1" 391
[27/Nov/2022:09:20:18 +0100] 192.241.198.235 TLSv1.2 AES256-SHA "GET /autodiscover/autodiscover.json?@zdi/Powershell HTTP/1.1" 328
[27/Nov/2022:10:00:54 +0100] 152.89.196.211 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[27/Nov/2022:10:29:46 +0100] 185.180.143.143 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 297
[27/Nov/2022:10:54:39 +0100] 194.110.203.38 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /backupklub.7z HTTP/1.1" 399
[27/Nov/2022:11:08:46 +0100] 152.89.196.211 TLSv1.2 AES256-SHA "GET /actuator/gateway/routes HTTP/1.1" 315
[27/Nov/2022:12:20:18 +0100] 193.118.53.210 TLSv1.2 AES256-SHA "GET /cgi-bin/config.exp HTTP/1.1" 315
[27/Nov/2022:13:29:11 +0100] 194.110.203.47 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /backup-harm.7z HTTP/1.1" 391
[27/Nov/2022:14:07:05 +0100] 164.52.54.35 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 383
[27/Nov/2022:14:07:34 +0100] 164.52.54.35 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /favicon.ico HTTP/1.1" 394
[27/Nov/2022:14:31:20 +0100] 193.118.53.194 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[27/Nov/2022:15:29:44 +0100] 192.241.210.142 TLSv1.2 AES256-SHA "GET /actuator/health HTTP/1.1" 310
[27/Nov/2022:16:08:07 +0100] 162.248.160.43 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /administration/ac-admin/css/admin-calendar.css HTTP/1.1" 437
[27/Nov/2022:16:27:24 +0100] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.env HTTP/1.1" 304
[27/Nov/2022:16:27:24 +0100] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /.env HTTP/1.1" 304
[27/Nov/2022:16:27:24 +0100] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.aws/credentials HTTP/1.1" 311
[27/Nov/2022:16:27:25 +0100] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /.aws/credentials HTTP/1.1" 311
[27/Nov/2022:16:27:25 +0100] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.aws/config HTTP/1.1" 310
[27/Nov/2022:16:27:26 +0100] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /.aws/config HTTP/1.1" 310
[27/Nov/2022:16:27:26 +0100] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /aws/credentials HTTP/1.1" 310
[27/Nov/2022:16:27:27 +0100] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /aws/credentials HTTP/1.1" 310
[27/Nov/2022:16:27:27 +0100] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /credentials HTTP/1.1" 308
[27/Nov/2022:16:27:28 +0100] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /credentials HTTP/1.1" 308
[27/Nov/2022:16:27:28 +0100] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /test.php HTTP/1.1" 306
[27/Nov/2022:16:27:29 +0100] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /test.php HTTP/1.1" 306
[27/Nov/2022:16:27:29 +0100] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /laravel/.env HTTP/1.1" 309
[27/Nov/2022:16:27:30 +0100] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /laravel/.env HTTP/1.1" 309
[27/Nov/2022:16:27:30 +0100] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /demo/.env HTTP/1.1" 307
[27/Nov/2022:16:27:31 +0100] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /demo/.env HTTP/1.1" 307
[27/Nov/2022:16:27:31 +0100] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /web/.env HTTP/1.1" 307
[27/Nov/2022:16:27:32 +0100] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /web/.env HTTP/1.1" 307
[27/Nov/2022:16:27:32 +0100] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /phpinfo HTTP/1.1" 307
[27/Nov/2022:16:27:32 +0100] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /phpinfo HTTP/1.1" 307
[27/Nov/2022:16:28:58 +0100] 162.142.125.121 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[27/Nov/2022:16:28:59 +0100] 162.142.125.121 TLSv1.2 AES256-SHA "PRI * HTTP/2.0" 379
[27/Nov/2022:17:06:24 +0100] 185.7.214.218 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /remote/fgt_lang?lang=/../../../..//////////dev/cmdb/sslvpn_websession HTTP/1.1" 452
[27/Nov/2022:18:00:51 +0100] 167.94.138.61 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 383
[27/Nov/2022:18:00:52 +0100] 167.94.138.61 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[27/Nov/2022:18:00:53 +0100] 167.94.138.61 TLSv1.2 AES256-SHA "PRI * HTTP/2.0" 379
[27/Nov/2022:18:05:34 +0100] 51.222.253.19 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /robots.txt HTTP/1.1" 315
[27/Nov/2022:18:05:41 +0100] 54.36.148.21 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 308
[27/Nov/2022:18:41:53 +0100] 64.227.188.168 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 374
[27/Nov/2022:18:48:15 +0100] 194.110.203.40 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /klub.kornland.atdb.7z HTTP/1.1" 407
[27/Nov/2022:18:50:24 +0100] 194.110.203.41 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /harm.atdb.7z HTTP/1.1" 389
[27/Nov/2022:18:54:57 +0100] 43.128.232.139 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[27/Nov/2022:18:55:24 +0100] 43.128.232.139 - - "-" -
[27/Nov/2022:19:06:14 +0100] 154.89.5.100 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 383
[27/Nov/2022:19:30:44 +0100] 54.36.148.245 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /robots.txt HTTP/1.1" 314
[27/Nov/2022:19:30:45 +0100] 54.36.148.183 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 307
[27/Nov/2022:20:27:23 +0100] 128.1.248.42 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[27/Nov/2022:21:19:49 +0100] 194.110.203.38 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /easyzumfuehrerschein.com_db.7z HTTP/1.1" 424
[27/Nov/2022:21:32:27 +0100] 194.110.203.44 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /harm.at_db.7z HTTP/1.1" 390
[27/Nov/2022:22:25:54 +0100] 34.221.185.197 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 307
[27/Nov/2022:22:27:39 +0100] 54.200.202.232 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 307
[27/Nov/2022:22:28:12 +0100] 34.220.87.125 TLSv1.2 AES256-SHA "GET /favicon.ico HTTP/1.1" 314
[27/Nov/2022:22:28:12 +0100] 35.86.207.38 TLSv1.2 AES256-SHA "GET /favicon.ico HTTP/1.1" 314
[27/Nov/2022:22:59:35 +0100] 167.94.146.60 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 383
[27/Nov/2022:22:59:35 +0100] 167.94.146.60 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[27/Nov/2022:22:59:35 +0100] 167.94.146.60 TLSv1.2 AES256-SHA "PRI * HTTP/2.0" 379
[27/Nov/2022:23:58:00 +0100] 194.110.203.38 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /harm.at-db.7z HTTP/1.1" 390
[27/Nov/2022:23:59:43 +0100] 194.110.203.38 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /easyzumfuehrerschein.com-db.7z HTTP/1.1" 424
[28/Nov/2022:00:15:08 +0100] 35.195.93.98 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 301