[03/Dec/2022:01:02:37 +0100] 54.68.9.22 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 295
[03/Dec/2022:01:03:02 +0100] 18.237.7.35 TLSv1.2 AES256-SHA "GET /favicon.ico HTTP/1.1" 302
[03/Dec/2022:01:21:15 +0100] 194.110.203.44 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /harm_database.rar HTTP/1.1" 394
[03/Dec/2022:01:42:56 +0100] 213.32.122.82 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 383
[03/Dec/2022:02:44:02 +0100] 94.102.61.8 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 301
[03/Dec/2022:03:39:08 +0100] 87.236.176.88 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[03/Dec/2022:04:07:31 +0100] 94.23.133.43 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.git/config HTTP/1.1" 405
[03/Dec/2022:04:07:32 +0100] 94.23.133.43 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.git/config HTTP/1.1" 388
[03/Dec/2022:04:07:35 +0100] 94.23.133.43 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.git/config HTTP/1.1" 391
[03/Dec/2022:04:07:36 +0100] 94.23.133.43 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.git/config HTTP/1.1" 396
[03/Dec/2022:04:44:41 +0100] 195.62.53.183 TLSv1.2 AES256-SHA "GET /.git/config HTTP/1.1" 316
[03/Dec/2022:05:11:25 +0100] 194.110.203.46 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /klub_dump.rar HTTP/1.1" 399
[03/Dec/2022:05:16:54 +0100] 192.241.205.41 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[03/Dec/2022:05:51:15 +0100] 138.246.253.24 TLSv1.2 AES256-SHA "GET /robots.txt HTTP/1.1" 404
[03/Dec/2022:06:25:28 +0100] 198.235.24.150 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 377
[03/Dec/2022:06:52:48 +0100] 128.1.248.26 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[03/Dec/2022:06:57:44 +0100] 192.241.192.185 TLSv1.2 AES256-SHA "GET /actuator/health HTTP/1.1" 310
[03/Dec/2022:07:27:35 +0100] 194.110.203.45 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /klub-dump.rar HTTP/1.1" 399
[03/Dec/2022:07:47:30 +0100] 88.214.56.237 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[03/Dec/2022:08:03:47 +0100] 194.110.203.39 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /harm-dump.rar HTTP/1.1" 390
[03/Dec/2022:08:06:34 +0100] 198.199.95.208 TLSv1.2 AES256-SHA "GET /owa/auth/logon.aspx?url=https%3a%2f%2f1%2fecp%2f HTTP/1.1" 335
[03/Dec/2022:08:09:13 +0100] 205.210.31.34 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 393
[03/Dec/2022:08:40:37 +0100] 198.235.24.167 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 383
[03/Dec/2022:10:00:17 +0100] 194.110.203.45 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /easyzumfuehrerscheinbackup.rar HTTP/1.1" 424
[03/Dec/2022:10:15:24 +0100] 194.110.203.39 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /harmbackup.rar HTTP/1.1" 391
[03/Dec/2022:10:20:53 +0100] 104.131.1.10 TLSv1.2 AES256-SHA "GET /ab2g HTTP/1.1" 304
[03/Dec/2022:10:20:54 +0100] 104.131.1.10 TLSv1.2 AES256-SHA "GET /ab2h HTTP/1.1" 304
[03/Dec/2022:10:20:57 +0100] 104.131.1.10 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[03/Dec/2022:11:47:45 +0100] 194.110.203.41 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /easyzumfuehrerschein-backup.rar HTTP/1.1" 425
[03/Dec/2022:11:51:10 +0100] 185.7.214.218 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /remote/fgt_lang?lang=/../../../..//////////dev/cmdb/sslvpn_websession HTTP/1.1" 452
[03/Dec/2022:11:55:09 +0100] 194.110.203.38 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /harm-backup.rar HTTP/1.1" 392
[03/Dec/2022:12:15:59 +0100] 51.11.211.224 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /cgi-bin/luci HTTP/1.1" 395
[03/Dec/2022:13:07:52 +0100] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.env HTTP/1.1" 304
[03/Dec/2022:13:07:52 +0100] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /.env HTTP/1.1" 304
[03/Dec/2022:13:07:53 +0100] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.aws/credentials HTTP/1.1" 311
[03/Dec/2022:13:07:54 +0100] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /.aws/credentials HTTP/1.1" 311
[03/Dec/2022:13:07:54 +0100] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.aws/config HTTP/1.1" 310
[03/Dec/2022:13:07:55 +0100] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /.aws/config HTTP/1.1" 310
[03/Dec/2022:13:07:55 +0100] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /aws/credentials HTTP/1.1" 310
[03/Dec/2022:13:07:55 +0100] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /aws/credentials HTTP/1.1" 310
[03/Dec/2022:13:07:56 +0100] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /credentials HTTP/1.1" 308
[03/Dec/2022:13:07:57 +0100] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /credentials HTTP/1.1" 308
[03/Dec/2022:13:07:57 +0100] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /test.php HTTP/1.1" 306
[03/Dec/2022:13:07:57 +0100] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /test.php HTTP/1.1" 306
[03/Dec/2022:13:07:58 +0100] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /laravel/.env HTTP/1.1" 309
[03/Dec/2022:13:07:59 +0100] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /laravel/.env HTTP/1.1" 309
[03/Dec/2022:13:07:59 +0100] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /demo/.env HTTP/1.1" 307
[03/Dec/2022:13:07:59 +0100] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /demo/.env HTTP/1.1" 307
[03/Dec/2022:13:08:00 +0100] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /web/.env HTTP/1.1" 307
[03/Dec/2022:13:08:00 +0100] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /web/.env HTTP/1.1" 307
[03/Dec/2022:13:08:01 +0100] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /phpinfo HTTP/1.1" 307
[03/Dec/2022:13:08:01 +0100] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /phpinfo HTTP/1.1" 307
[03/Dec/2022:13:12:21 +0100] 185.142.236.40 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 383
[03/Dec/2022:13:12:37 +0100] 185.142.236.40 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "" 379
[03/Dec/2022:13:12:39 +0100] 185.142.236.40 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "" 379
[03/Dec/2022:13:12:40 +0100] 185.142.236.40 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "" 379
[03/Dec/2022:13:12:44 +0100] 185.142.236.40 TLSv1.2 AES256-SHA "quit" 379
[03/Dec/2022:13:12:45 +0100] 185.142.236.40 TLSv1.2 AES256-SHA "GET /robots.txt HTTP/1.1" 393
[03/Dec/2022:13:12:46 +0100] 185.142.236.40 TLSv1.2 AES256-SHA "GET /sitemap.xml HTTP/1.1" 394
[03/Dec/2022:13:12:48 +0100] 185.142.236.40 TLSv1.2 AES256-SHA "GET /.well-known/security.txt HTTP/1.1" 407
[03/Dec/2022:13:12:52 +0100] 185.142.236.40 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /favicon.ico HTTP/1.1" 309
[03/Dec/2022:13:12:54 +0100] 185.142.236.40 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "" 379
[03/Dec/2022:13:47:34 +0100] 152.89.196.211 TLSv1.2 AES256-SHA "POST /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1" 331
[03/Dec/2022:13:58:21 +0100] 64.62.197.85 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[03/Dec/2022:14:06:29 +0100] 64.62.197.90 TLSv1.2 AES256-SHA "GET /favicon.ico HTTP/1.1" 309
[03/Dec/2022:14:09:59 +0100] 64.62.197.82 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[03/Dec/2022:14:10:48 +0100] 64.62.197.87 TLSv1.2 AES256-SHA "GET /.git/config HTTP/1.1" 310
[03/Dec/2022:14:40:03 +0100] 194.110.203.44 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /backupklub.rar HTTP/1.1" 400
[03/Dec/2022:15:17:22 +0100] 152.89.196.211 TLSv1.2 AES256-SHA "GET /index.php?s=/Index/\\think\\app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1][]=HelloThinkPHP21 HTTP/1.1" 390
[03/Dec/2022:16:19:31 +0100] 194.110.203.41 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /backup-easyzumfuehrerschein.rar HTTP/1.1" 425
[03/Dec/2022:17:03:15 +0100] 192.241.206.98 TLSv1.2 AES256-SHA "GET /autodiscover/autodiscover.json?@zdi/Powershell HTTP/1.1" 328
[03/Dec/2022:17:46:17 +0100] 152.89.196.211 TLSv1.2 AES256-SHA "GET /?XDEBUG_SESSION_START=phpstorm HTTP/1.1" 327
[03/Dec/2022:18:13:15 +0100] 183.136.225.32 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 383
[03/Dec/2022:18:13:47 +0100] 205.210.31.25 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 394
[03/Dec/2022:18:19:50 +0100] 183.136.225.32 TLSv1.2 AES256-SHA "GET /favicon.ico HTTP/1.1" 309
[03/Dec/2022:18:20:11 +0100] 183.136.225.32 TLSv1.2 AES256-SHA "GET /robots.txt HTTP/1.1" 308
[03/Dec/2022:18:41:29 +0100] 194.110.203.42 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /backup_harm.rar HTTP/1.1" 392
[03/Dec/2022:18:44:46 +0100] 194.110.203.46 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /backup_easyzumfuehrerschein.rar HTTP/1.1" 425
[03/Dec/2022:21:00:08 +0100] 194.110.203.46 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /db/db_backup.klub.kornland.at.sql.gz HTTP/1.1" 422
[03/Dec/2022:21:09:01 +0100] 185.7.214.218 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /remote/fgt_lang?lang=/../../../..//////////dev/cmdb/sslvpn_websession HTTP/1.1" 452
[03/Dec/2022:21:16:45 +0100] 51.11.211.224 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /cgi-bin/luci HTTP/1.1" 395
[03/Dec/2022:22:13:59 +0100] 185.83.146.154 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.env HTTP/1.1" 310
[03/Dec/2022:22:14:00 +0100] 185.83.146.154 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /.env HTTP/1.1" 310
[03/Dec/2022:22:14:02 +0100] 185.83.146.154 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.aws/credentials HTTP/1.1" 317
[03/Dec/2022:22:14:04 +0100] 185.83.146.154 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /.aws/credentials HTTP/1.1" 317
[03/Dec/2022:22:14:06 +0100] 185.83.146.154 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.aws/config HTTP/1.1" 315
[03/Dec/2022:22:14:07 +0100] 185.83.146.154 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /.aws/config HTTP/1.1" 315
[03/Dec/2022:22:14:09 +0100] 185.83.146.154 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /aws/credentials HTTP/1.1" 316
[03/Dec/2022:22:14:10 +0100] 185.83.146.154 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /aws/credentials HTTP/1.1" 316
[03/Dec/2022:22:14:12 +0100] 185.83.146.154 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /credentials HTTP/1.1" 314
[03/Dec/2022:22:14:14 +0100] 185.83.146.154 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /credentials HTTP/1.1" 314
[03/Dec/2022:22:14:16 +0100] 185.83.146.154 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /test.php HTTP/1.1" 312
[03/Dec/2022:22:14:17 +0100] 185.83.146.154 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /test.php HTTP/1.1" 312
[03/Dec/2022:22:14:18 +0100] 185.83.146.154 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /laravel/.env HTTP/1.1" 315
[03/Dec/2022:22:14:19 +0100] 185.83.146.154 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /laravel/.env HTTP/1.1" 315
[03/Dec/2022:22:14:21 +0100] 185.83.146.154 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /demo/.env HTTP/1.1" 313
[03/Dec/2022:22:14:23 +0100] 185.83.146.154 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /demo/.env HTTP/1.1" 313
[03/Dec/2022:22:14:25 +0100] 185.83.146.154 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /web/.env HTTP/1.1" 312
[03/Dec/2022:22:14:27 +0100] 185.83.146.154 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /web/.env HTTP/1.1" 312
[03/Dec/2022:22:19:25 +0100] 198.235.24.46 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 385
[03/Dec/2022:22:26:47 +0100] 128.90.157.104 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 301
[03/Dec/2022:22:26:48 +0100] 128.90.157.104 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 301
[03/Dec/2022:22:26:48 +0100] 128.90.157.104 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /Autodiscover/Autodiscover.xml HTTP/1.1" 315
[03/Dec/2022:22:26:49 +0100] 128.90.157.104 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /Autodiscover/Autodiscover.xml HTTP/1.1" 315
[03/Dec/2022:22:26:53 +0100] 128.90.157.104 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 301
[03/Dec/2022:22:42:47 +0100] 60.217.75.70 - - "-" -
[03/Dec/2022:23:42:49 +0100] 194.110.203.38 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /db/db_backup.easyzumfuehrerschein.sql.gz HTTP/1.1" 434
[04/Dec/2022:00:27:19 +0100] 34.77.127.183 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 301
[04/Dec/2022:00:40:31 +0100] 34.219.246.154 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 306
[04/Dec/2022:00:41:16 +0100] 34.220.119.47 TLSv1.2 AES256-SHA "GET /favicon.ico HTTP/1.1" 313
[04/Dec/2022:00:57:24 +0100] 179.43.177.154 TLSv1.2 AES256-SHA "GET /.env HTTP/1.1" 304